A ransomware attack is when an attacker restricts access to files and systems by encrypting them into a locked and unusable format. The encrypted files are then held for ransom. In some cases, even when the ransom has been paid, the data may not be destroyed, is sold to a third party or made publicly available.
What do I need to do?
Please speak with your IT department or your IT service provider to ensure your organisation is following best practice security controls to mitigate against this threat e.g., implementing multifactor authentication and establishing regular patching on servers.
Where can I get more information?
You can get more information about the specifics of the BlackCat ransomware and recommended actions from the VPDSS SharePoint Site. In addition, consider subscribing to Australian Cyber Security Centre’s Alert Service to receive alerts about the latest threats and vulnerabilities within an Australian context, and how to address cyber risks here https://www.cyber.gov.au/partner-hub/acsc-partnership-program