Cyber Security Alert – CryptoPHP
Alert: SEVERE – Widespread Current Cyber Attack or Breach suggesting immediate action
What: Vulnerability affecting web site using popular content engines such as Joomla, WordPress and Drupal themes and plug-ins to allow a malicious Crypto attack to occur on unsuspecting users. We have been following this for a while and have noticed a recent increase in these attacks. A user could become attacked by visiting an infected web site or web page which results in the installation of software that will attempt to encrypt some or all of the users work product files making them useless to the user. Estimates are that as many as 10% of web sites may be affected.
Take the following steps to protect:
- Send this to your web administrator to ensure your site is patched correctly.
- Be aware of sites that may not be protected and refuse ANY attempt to install ANY software on your computer
- Ensure your workstations, servers and other technology are patched to current.
- Ensure your backups have revision history turned on and have been recently tested.
- Deploy anti-virus software that provides protection against these attacks.