Weekly Threat Report - 14th February 2020
Ransomware attack brings down college IT
A college in Scotland fell victim to an apparent ransomware attack last week with the incident bringing down its IT systems.
Ransomware is a type of malware that makes data or systems unusable until the victim makes a ransom payment. Students of Dundee and Angus School were subsequently kept away and told that they would need to reset their passwords following the attack.
Fortunately, the college is now recovering from the incident and the NCSC’s guidance for mitigating against malware and ransomware attacks is a useful resource for any organisation looking to bolster defences against this kind of cyber attack.
It is thought that this particular ransomware attack was deployed from a Trickbot infection. The NCSC’s Trickbot advisory provides advice on how to deal with an infection and preventative action which can be taken now.
Attackers using the Coronavirus as a phishing trap
The coronavirus outbreak is being used in phishing attacks according to researchers at Proofpoint.
Attackers are taking advantage of the widespread concern about the virus to lure people into phishing traps using conspiracy theories about “unreleased” cures. One example describes a ‘confidential cure solution’ before giving users the option to follow a link through to a fake website asking for credentials. Proofpoint’s report has other examples of phishing traps being utilised.
Phishing attacks are untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website.
Unfortunately, it is relatively common for cyber criminals to take advantage of situations like the coronavirus outbreak to prey upon people’s concerns. If you want to learn more about spotting and dealing with phishing emails, then the NCSC’s suspicious email advice is well worth reading.