16 April 2020 – On 16 April 2020, the National Cyber and Information Security Authority issued a warning of imminent and serious cyber-attacks on information and communication systems in the Czech Republic, particularly on healthcare systems.
According to the Office, these attacks can be expected in the coming days – indications already exist that the preparatory phase for such attacks is underway, chiefly through a spear-phishing campaign.
In connection with this threat, the Office urgently recommends the following:
- Alert users about the spear-phishing threat and ask all staff who have opened any suspicious attachments in recent days to consult with their IT departments,
- Notify users of the possibility of phishing campaigns "masking" the file extensions of executable files – for example "image.png.exe", "text.txt.exe", "document.pdf.exe", etc.
- Prevent, as far as possible, active content and macros via central settings, especially in .doc and .docx documents,
- Block remote access to infrastructure and block open services to public networks (excluding those which are strictly necessary) Public IP ranges can be checked via the available search engines of devices connected to the network),
- Create offline backups of files, with a primary focus on your organisation's most important data,
- Check and verify existing backup copies and update your infrastructure-wide antivirus and firewall solutions.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.