This “BlueLocker” Ransomware Attack is On the Rise in Pakistan: National CERT

Ransomware attacks, where malicious software demands digital ransom, are rapidly increasing across Pakistan. In response to this growing threat, the National Cyber Emergency Response Team (National CERT) has issued an urgent new advisory.

Specifically, the advisory highlights a significant surge in incidents involving “BlueLocker” malware. This dangerous ransomware is being used by hackers to target organizations, often infiltrating systems through unverified platforms and virus-infected files, all to extort payments. The consequences are severe, ranging from the complete shutdown of business operations to the irreversible loss of critical data.

National CERT has issued a stark warning: BlueLocker ransomware is highly sophisticated. It can disable existing antivirus protection, rapidly spread across entire networks, and even steal sensitive data. The malware primarily spreads through various channels, including trojanized downloads, deceptive phishing emails, unsecured file-sharing platforms, and compromised websites. Its main targets are Windows-based systems – desktops, laptops, servers, corporate networks, and cloud storage. The threat level for BlueLocker is currently rated as “extremely high.”

To combat this threat, National CERT strongly recommends that all organizations implement robust multi-factor authentication (MFA) systems to bolster security. They also advise deploying advanced email filtering solutions to scrutinize links and attachments thoroughly. In the unfortunate event of a cyberattack, the immediate advice is to disconnect shared drives and backups, ensuring they remain offline and secure. Furthermore, institutions are urged to preserve all forensic evidence to aid potential investigations and to continuously strengthen their overall preventive measures against ransomware.

Beyond technical measures, National CERT emphasizes the critical role of human vigilance. Organizations must prioritize training employees to identify suspicious emails and links. It’s crucial to maintain up-to-date system defenses and foster a culture of heightened institutional awareness. A key directive is to avoid downloading files from unverified sources and to never click on questionable attachments, as these methods remain the most frequent entry points for ransomware.

The seriousness of the situation is underscored by Director General Dr. Haider Abbas, who has personally dispatched warning letters to 39 crucial ministries and key institutions across Pakistan. This includes top government bodies like the Cabinet, Interior, and Foreign Affairs ministries, NECTA, FIA, the National Security Division, and many more, urging them to take immediate and decisive action to prevent these cyberattacks.
