The Australian Cyber Security Centre (ACSC) has warned people and businesses to remain vigilant against the Emotet malware as it continues to respond to the “widespread malware campaign”.
Late last month the ACSC said it had received dozens of confirmed reports of the malware coming from different organisations, including critical infrastructure providers and Australian government agencies.
“There are two concerning cyber security threats in the wild,” head of ACSC Rachel Noble said. “While we have seen a drop in the number of Emotet infections in the last week, people and businesses should remain vigilant.”
The ACSC has downgraded its alert level from level 3 to level 4, which means a precautionary approach through increased monitoring, analysis, and strategic coordination and engagement at the national level.
“While you are watching your TV or eating dinner with your family, a cyber criminal can use your computer to mine and profit from untraceable digital currency, and you may never know that this has occurred,” Noble said.
“While we have helped many organisations mitigate the impact of Emotet in its current form, like most forms of malware and ransomware, Emotet may continue to evolve as cyber criminals seek to evade detection and the law.”
Emotet infects machines mostly through Microsoft Word documents, but there have been reports of PDFs being used to spread the malware, an ACSC advisory said. After infecting a device, it attempts to spread within a network.
Noble also said there were concerns over reports that cyber criminals are exploiting the BlueKeep vulnerability to access computers and control them to mine cryptocurrency.
The ACSC issued a warning in September urging Australians to patch older versions of Windows. BlueKeep affects older versions of the Windows operating system, including Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008.
The BlueKeep vulnerabilities were so serious that Microsoft made the unprecedented decision to deliver patches not only to still-supported versions of Windows, including Windows 7, but also to the outdated Windows XP, which was retired more than five years ago.
“A few minutes updating your software could save you or your business weeks or months of recovering from the damage caused by a cyber criminal,” Noble said.
“I urge all Australians to remain vigilant about Emotet, BlueKeep and other forms of viruses or vulnerabilities. The threat is real, but there is something you can do about it.”