[Important Security Alert] Beware of "Erebus" Encryption Blackmail Attacks
Posted Date 06/21/2017
According to foreign media, Nayana was attacked by Linux blackmail software Erebus on June 10. There were 300 servers that have been encrypted, and thousands of websites were affected. The attackers encrypted the servers that store raw data and backups, making it impossible for the company to recover data with backup, which has a huge impact on the company's business and its customers.
Alibaba Cloud Anti-DDoS would like to remind you to focus on the encryption extortion incident, examine your business system in advance, strengthen your security and do preventive measures:
1. Alibaba Cloud users please back up your important data using ECS snapshots or other methods as soon as possible. It is recommended to use off-site full backup of all files, and store files in two different formats;
2. Use Anti-DDoS and Server Guard to detect and repair vulnerability, and use WAF to carry on the web security protection;
3. Use ECS Security Group function to control the access of high-risk ports, and close the unnecessary service ports;
4. Install anti-virus software and high-risk patches of operating system and software, such as: “Dirty COW” kernel patch, Struts2 patch, Apache patch;
5. Assign minimum permissions to applications, restrict programs from modifying the system, and prevent unauthorized use.
If you have any questions or concerns, please contact us by submitting a ticket.
Alibaba Cloud Anti-DDoS would like to remind you to focus on the encryption extortion incident, examine your business system in advance, strengthen your security and do preventive measures:
1. Alibaba Cloud users please back up your important data using ECS snapshots or other methods as soon as possible. It is recommended to use off-site full backup of all files, and store files in two different formats;
2. Use Anti-DDoS and Server Guard to detect and repair vulnerability, and use WAF to carry on the web security protection;
3. Use ECS Security Group function to control the access of high-risk ports, and close the unnecessary service ports;
4. Install anti-virus software and high-risk patches of operating system and software, such as: “Dirty COW” kernel patch, Struts2 patch, Apache patch;
5. Assign minimum permissions to applications, restrict programs from modifying the system, and prevent unauthorized use.
If you have any questions or concerns, please contact us by submitting a ticket.