Information Security Tips (October 2023) – Beware of Ransomware Attacks

資訊安全貼士 (2023年10月號) - 注意勒索軟件攻擊

 2023-10-25     ICTO     Bulletin / 公告    (Expired/已過期)

To: All Users

Ransomware attacks are one of the most common types of cyber attacks in recent years. Attackers use various network intrusion techniques or methods such as impersonation and fraud to deploy ransomware programs to organizations and users, encrypt the data on the infected computer system, so that the affected systems will not be able to operate normally, and extort money and other economic benefits from the victims. At the same time, some attackers also steal data during the process and threaten victims with disclosure of confidential data to increase the likelihood of the victims compromising.

The following security measures can prevent ransomware attacks:

  1. Beware of phishing and virus emails, do not casually open attachments or web links:
    Attackers will send phishing emails with malicious program attachments or web links. Once you open, your computer system will be infected;

  2. Beware of social engineering, do not trust strangers or people with unverified identities:
    They will impersonate government officials, customer service, bank staff, etc., and induce you to download or install unknown software, or even assist them in carrying out ransomware attacks;

  3. Install antivirus software, turn on real-time protection and monitoring functions:
    Whether the ransomware program is spread via portable data storage devices (such as USB, mobile hard drives, etc.) or emails, the real-time protection function of antivirus software can effectively intercept the ransomware program when it is installed or executed;

  4. Regularly update software, keep antivirus software up to date:
    This can prevent attackers from exploiting existing software vulnerabilities for attacks. At the same time, the latest antivirus software feature database can  detect effectively and intercept suspicious software programs;

  5. Protect your user password, activate multi-factor authentication services and use strong passwords:
    They will use leaked accounts or brute force cracking techniques to remotely log into your computer system and install ransomware programs;

  6. Regularly backup data to ensure that files can be restored from backups:
    Even if data is encrypted, it can be restored from backups, which will reduce the chance of data loss.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶:

勒索軟件攻擊是近年最普遍的網絡攻擊類型之一。攻擊者利用各種網絡入侵技術或通過偽冒、詐騙等手段,向目標機構及用戶投放勒索軟件程式,加密受感染電腦系統的數據資料,使受影響系統無法正常運作,從而向受害者勒索金錢等經濟利益。與此同時,有些攻擊者還會在過程中竊取數據資料,並以公開其中的機密數據來威脅受害者,以增加受害者作出妥協的可能性。

採取以下安全措施來防範勒索軟件攻擊:

  1. 提防釣魚及病毒電郵,不要隨便打開附件或網頁連結:
    攻擊者會發送含有惡意程式的釣魚電郵附件或網頁連結,一旦打開,便會感染您的電腦系統;

  2. 提防社交工程,不要輕信陌生人或未核實身份的人士:
    他們會假冒政府官員、客服、銀行員工等,誘使您下載或安裝來歷不明軟件,甚至協助他們進行勒索軟件攻擊;

  3. 安裝防毒軟件, 開啟即時防護及監控功能:
    不管是通過便攜式數據儲存設備(如USB、移動硬盤等)或是電郵進行傳播,當勒索軟件程式被安裝或執行時,防毒軟件的即時防護功能可有效地把它們攔截;

  4. 經常進行軟件更新,讓防毒軟件保持在最新狀態:
    這樣可避免攻擊者利用軟件存在的安全漏洞來進行攻擊,同時,最新的防毒軟件特徵庫,能更有效地檢測及攔截可疑的軟件程式;

  5. 保護好您的用戶密碼,啟動多重認證服務及使用強密碼:
    他們會利用外洩的帳號或通過暴力破解等技術手段,遠程登入您的電腦系統以安裝勒索軟件程式;

  6. 定期備份資料,確保能夠從備份中還原文件:
    就算數據資料被加密,也可從備份中還原,大大減低數據遺失的機會。

參考資料

如有任何疑問,請聯絡資訊及通訊科技部服務中心。

服 務 中 心
位置 : 中央教學樓東5座(E5)二樓2085室 (電子地圖)
電話 : 8822 8600
電郵 : icto.helpdesk@um.edu.mo

資訊及通訊科技部