Cyprus seems to have escaped so far Friday’s worldwide cyber-attack which hit computers, hospital systems, universities and businesses in around 150 different countries.
The police officer in charge of combating electronic crime, Andreas Anastasiades, said that so far there had been no complaints of a cyber-attack in Cyprus.
But as a safety measure the state computer services department sent specific instructions to public servants on Monday.
Meanwhile, the parliament’s communications agency issued a series of protective measures to MPs and journalists covering computers, smart phones and tablets.
In their announcement on Monday, the agency also advised the public to “avoid visiting web pages with dubious or dangerous content, especially if they are accompanied by pop-up windows without the user’s subscription, as well as the opening of emails when the sender is unknown”.
Apps and compressed (zip) files that are unfamiliar and unexpected should not be opened or activated, the agency warned.
It is also recommended to backup all important files onto a separate storage (USB/external hard drive).
From Russia to Spain and from Mexico to Vietnam, hundreds of thousands of computers, especially in Europe, were infected on Friday by a malicious software called ‘WannaCry ransomware’, which exploited a flaw in Windows systems and then required ransom from the users.
It’s thought to be the biggest online extortion attack ever recorded.
The WannaCry ransomware, which locks computer systems and demands $300 (€273) in Bitcoin, hit over 200,000 computers on Friday and the impact continued to be felt across the weekend.
Around £33,000 in ransoms have been paid to date, according to an analysis of Bitcoin wallets.
“The latest account reports of more than 200,000 victims, particularly businesses, in at least 150 countries. We are conducting business against around 200 cyber-attacks every year but have never seen that before, “said Europol’s director Rob Wainwright on Sunday.
Ransomware is a malicious software that blocks access to data. Victims then receive a message demanding payment. Information remains encrypted until the ransom is paid.
Ransomware enters a computer when a person mistakenly downloads malicious files. It can also spread via a worm, embedding itself within a network. This is instead of relying on humans to spread by clicking.
According to the US’ National Cyber Security Centre, the risk of being infected by ransomware can be reduced by taking the usual computer security steps, such as ensuring patches and updates are installed as they are released by software firms.
“However, as well as patching the devices used for web browsing and email, it’s important to patch the systems they are connected to, since some ransomware is known to move around systems, encrypting files as it goes,” the NCSC’s website said.
Limassol computer expert Alexis Tsiakkas has issued the following guidelines to protect your computer:
What are best practices for protecting against ransomware?
- New ransomware variants appear on a regular basis. Always keep your security software up to date to protect yourself against them.
- Keep your operating system, a known antivirus and other software updated. Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
- Email is one of the main infection methods. Be wary of unexpected emails especially if they contain links and/or attachments.
- Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.
- Backing up important data is the single most effective way of combating ransomware infection. Attackers have leverage over their victims by encrypting valuable files and leaving them inaccessible. If the victim has backup copies, they can restore their files once the infection has been cleaned up. However organisations should ensure that back-ups are appropriately protected or stored off-line so that attackers can’t delete them.
- Using cloud services could help mitigate ransomware infection, since many retain previous versions of files, allowing you to “roll back” to the unencrypted form.