Na terça-feira, a transmissão do canal de notícias da televisão australiana ABC News 24 foi suspenso por 30 me. O canal ficou escuro após um ataque do ransomware com recursos de criptografia. Como resultado do ataque, o serviço de radiodifusão tinha que ser feito fora de Melbourne, em vez de Sydney.
Como foi suspensa a transmissão da ABC?
Os especialistas em TI afirmaram que o malware se infiltrou no canal de televisão ABC News 24 através de um email de phishing. Durante a mesma campanha de hackers, também foram alvo outras grandes organizações. Os funcionários do canal de notícias receberam e-mails da Australia Post, que reivindicou um relatório sobre falha na entrega de encomendas.
Um e-mail de phishing como esse, geralmente, vem com um anexo que, quando aberto, lança o software malicioso. As vezes, Contudo, the email delivers a link that is pointing out to a malicious download.
Australia Post already warned its clients about the phishing emails campaign. The malware experts believe that these fraudulent emails are coming from Russia. The ABC representatives informed the public that the cause of the 30 minutes of stand-by programming was an IT security issue.
The Malicious Emails
According to the media manager of Telstra Queensland, Matthew Martyn-Jones, the emails of the staff had been targeted several weeks earlier; however the attempts were not successful. He further stated that this incident should make people more cautious about the messages that they receive.
The Australian PC users are subject of serious and frequent ransomware attacks. The crypto-malware attacks tend to lock up the information on the compromised computers, and demand a ransom. The security company Symantec has issued a report, according to which in the period May – September these threats in Australia increased with more than 1300 %.
The company further confirmed fake emails from local service providers are also common for that part of the world. The PC users that were targeted were mainly clients of the Australian Postal Delivery Company and the Australian energy supplier. These customers were tricked into checking a fake bill or looking at the details of a parcel delivery. Once the link from the malicious message was accessed by the victims, they were offered to download an archive expected to contain the service supplier notification. That file, de fato, turns out to be ransomware, which once opened encrypts the hard disk data and sends a demand for payment.
The malware experts point out that one of the best methods to make sure that the user’s PC data is safe when it is targeted by crypto malware, is to make backups and to update them on a regular basis. The threats will not steal the information; they will lock it up. This means that after the malware is removed, the users can restore the data from the backup file they have.