Businesses in Jersey are being urged to follow security advice, after some of the world's biggest firms became victim to a major cyber attack this week.
The 'Petya' ransomware attack has hit companies in the UK, US, Russia, France and Germany, with the owners of a building supplies store in Jersey among the victims.
Victims have their important files held to ransom, with hackers demanding $300 in bitcoins for access to them.
The Jersey Financial Services Commission says it has received reports of malware being distributed by phishing emails locally.
The commission has issued the following advice to organisations, to reduce the risk of an attack:
- Back up the data that matters to you and test the backups. These should be kept disconnected or offline so they can’t become infected.
- Ensure that ransomware cannot spread to backup systems.
- Keep your organisation's security software is up-to-date. Every organisation must ensure its IT systems are regularly updated.
- Remove or disable unnecessary network services to reduce the potential attack surface.
- Do not download files or programs from unknown websites or sources.
- Reduce access rights and control to authorised personnel only.
- Report but do not forward any suspicious emails, to your IT or Security Departments.
- Be vigilant when opening attachments, as viruses can be embedded in files.
- Trust your instincts. If an email seems suspicious, even if it’s from someone you know, do not open it and report it.
- If you do open an email or click a link you think is suspicious, inform your Security Team or IT immediately.
- Never succumb to the pressure to pay the ransom to regain access to their applications and data. There is no guarantee that cyber criminals can or will unlock files.
- Be alert. Think before you click.
For more advice and information, visit the National Cyber Security Centre website.