Asia hit by WannaCry virus at week’s start, disrupting govt services & business

15 May, 2017 14:17 / Updated 7 years ago

Asian governments and businesses continued to be disrupted by the WannaCry ransomware on Monday, the media reported, citing officials. China, Japan, South Korea, and India have all seen an impact from the computer virus epidemic that erupted on Friday.

Some Chinese government sectors, including traffic, police, immigration, social security, and industry, were also hit by the virus, Reuters reported, citing microblogs.

According to local media, the social security departments in the south-central city of Changsha and industrial associations in the city of Zhuhai in the country’s south were affected.

AP cited Chinese state media as saying that some 29,372 institutions have been affected by the virus so far.

Oil and gas company PetroChina said some of its stations were affected, but the company has already restored the majority of its systems.

“The growth rate of infected institutions has slowed significantly on Monday compared to the previous two days,” Chinese Internet security company Qihoo 360 said, as cited by Reuters. “Previous concerns of a wide-scale infection of domestic institutions did not eventuate.”

The virus is still spreading, affecting industry and government computer systems, but slowly, Cybersecurity Administration China (CAC) said, as cited by the Chinese media.

Tim Wellsmore, director of threat intelligence, Asia Pacific. at cybersecurity firm FireEye Inc., says his company is examining the victims’ profiles.

“We’re still seeing a lot of victims in the Asia-Pacific region. But it is a global campaign, it’s not targeted,” he said, as cited by Reuters. 

Hong-Kong has been no exception – it was also hit by the WannaCry virus, which is spread mostly via e-mail. According to Michael Gazeley, managing director and co-founder of Network Box Corporation, there are still “many ‘landmines’ waiting in people’s in-boxes” in the region.

“If a system supports some kind critical processes, those systems typically are very hard to patch... We don’t have a precedent from something of this scale [in China],” Marin Ivezic, a cybersecurity expert at PwC in Hong Kong, told Reuters.

Two computer breaches took place in Japan on Sunday, Japan’s National Police Agency reported, as cited by the Japanese media. One case affected a hospital, and the other a personal computer. 

The virus disrupted the work of at least 2,000 computers at 600 locations in Japan on Saturday, Japan’s Computer Emergency Response Team Coordination Center said, as cited by Nikkei newspaper.

Electronics giant Hitachi admitted on Monday that its in-house computer system may have been affected, including at its head office in Tokyo.

Also on Monday, a major South Korean theater chain, CJ CGV, said that some 50 of its theatres had been affected by the malware, Yonhap news agency reported.

“Movies are played by a separate server,” the official said, adding “we plan to normalize the situation as soon as possible.”

At least five South Korean firms reported that the virus had damaged their computers, the Korea Internet & Security Agency said.

The virus prompted the Indian government to shut down hundreds of ATMs in a bid to escape the attack, the country’s Ministry of Home Affairs said, as cited by the India Today. 

Public awareness is “absolutely critical for preventing cyberattacks,” Neil Walsh, the head of the Global Program on Cybercrime launched by the UN Office on Drugs and Crime (UNODC), told RT. “Such threats could theoretically be averted if the public is aware of what a cyberattack looks like and is [cautious] with opening emails and especially emails with attachments that they were not expecting to get,” he said.

At the same time, he warned that the WannaCry ransomware could potentially “propagate further” as people around the world got back to work Monday.

“A challenge with any ransomware or cyberattack is that when people come back to work they turn on potentially insecure systems, which are not updated with the latest security patches. Perhaps, they are unaware of how this threat arises through email or opening attachments,” Walsh said.

He went on to call on all countries to join their efforts in combating cyberthreats “irrespective of politics and politicizing.” He also urged the governments to “use law enforcement channels such as Interpol, Europol and bilateral cooperation as well as to work together politically to help to mitigate these threats.”

On Sunday, Europol Director Rob Wainwright told the ITV network that the cyberattack that began on Friday has hit some 200,000 victims in over 150 countries so far.

“The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations,” he said.

“At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn [on] their machines on Monday morning,” he added.

Tech giant Microsoft recently lashed out at NSA for the role it played in the chain of events that led to the recent WannaCry epidemic.

“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” Microsoft President and Chief Legal Officer Brad Smith said in a blog post on Sunday.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.”

WATCH MORE: