On Guard Against the ONION Blackmail Software Virus Attacks Emergency Notification
Dear Campus Network Users:
Recently many domestic colleges and universities (including a number of units at Shandong University) has been affected by the ONION Blackmail Software Infections, although disk files are encrypted for virus. The ONION suffixes, the extortion software use of high-strength encryption algorithm and is hard to crack. The purpose of this ONION virus is to get money from your PC. It will first blackmail all your files and the attacked will have to pay a high ransom to restore files decryption because there is no other way to decrypt files, which causes serious damage to study information and personal data. Essentially, whatever you want to open you will receive a warning message that these files are encrypted and you are required to apply decryption key to open them, then you will have no choice but to buy the decryption key, but be warned this wonĄŻt solve the problem.
According to the network security agencies, this is the use of the NSA hackers Arsenal leakage "eternal blue" launched by the virus attacks and is a extremely harmful data encryption.
If this virus gets into the computer system, it is able to infect all parts of the computer system, including all the files and programs. In our school the infected machines is the operating system, office software which will affect the overall security of the computer system or network in which the hole resides, therefore updates security patches in a timely manner. The second, is the port that is not commonly closed. Thirdly, is the lack of personal network security consciousness, where one does not practice the habit of backing up documents regularly.
The campus is warning network users:
1. Microsoft has now released a repaired patch MS17-010 "the eternal blue" attack system vulnerabilities, the masses of teachers and students, are required as soon as possible to please install this patch to their computer, https://technet.microsoft.com/zh-cn/library/security/MS17-010; for XP, 2003. In addition, Microsoft is no longer providing security update for machines, it is therefore recommended to use 360 NSA arsenals immune tool detection system "whether there is a loophole, close the port, the operating system/ holesĄ± which can be avoided by extortion software such as viruses. For Immune tools you should download address: http://dl.360safe.com/nsa/nsatool.exe.
2. Install the original operating system, Office software, etc. Provide genuine software for faculty, school informatization office website, for details please visit informatization office download, install, activate, and set the automatic vulnerabilities patch upgrade to automatic installation;
3. Close the port 445, 137, 138, 137, shut down the network sharing;
4. Strengthen the awareness of network security. Network security is on your side and always beware of ": don't click on links, don't download unknown file...
5. As soon as possible (and in the future) and on a regular basis always backup your important files on a computer data mobile hard disk/U disk/network location.