The Government of Grenada is advising public officers and other users of computers using Microsoft Windows as their operating system, to exercise extreme caution when accessing email attachments, particularly from unknown senders.
The word of caution is issued against the backdrop of a current cyber threat which can compromise Windows machines through Microsoft Office files such as Word, Excel, PowerPoint and RTF.
The recently-launched Cyber Security Incident Response Team (CSIRT) advises that the safest option is to refrain from opening emails and downloading attachments from unknown senders.
Explaining the gravity of the threat, IT Officer in the Ministry of ICT and member of CSIRT Gnd. Jervis Dabreo said, “Computers and computer networks and servers can become compromised if a user downloads or opens a malicious file. This action can result in malicious codes being executed and the attacker gaining access to the computer with the privileges of the logged-in user. Some servers are also Windows-based and as such, if a computer within the network becomes compromised, the server can also be at risk.”
Persons at all levels within Government and other organisations, especially those with administrative privileges, are encouraged to be particularly vigilant.
Dabreo further explained that there is no official patch from Microsoft at this time, but the company has issued a workaround which can be activated through the following steps, to mitigate the impact of the current threat.
- Step #1: Run Command Prompt as Administrator.
- Step #2: To back up the registry key, execute the command “reg export HKEY_CLASSES_ROOT\msmsdt filename”
- Step #3: Execute the command “reg delete HKEY_CLASSES_ROOT\ms-msdt /f”
Dabreo is recommending that the workaround be activated by all IT officers within Government, as a matter of urgency. Other organisations and members of the private sector are similarly encouraged to be proactive in enabling the workaround to avert the potential cyber threat.
The Ministry of ICT and the Cyber Security Incident Response Team will continue to closely monitor the current threat and provide further advisories as they become necessary.
Comment on post