Expect 'landmines in your inbox' this morning

Asian businesses report impact from weekend worm attack that hit 200,000 computers in more than 150 countries

By REUTERS
May 15, 2017 09:58
3 minute read.
Cyber hacking

Cyber hacking (illustrative). (photo credit: INGIMAGE)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analysis from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later

Asian governments and businesses reported some disruptions from the WannaCry ransomware worm on Monday but cybersecurity experts warned of a wider impact as more employees turned on their computers and checked e-mails.

The ransomware that has locked up more than 200,000 computers in more than 150 countries has been mainly spread by e-mail, hitting factories, hospitals, shops and schools worldwide.

"Most of the attacks are arriving via e-mail, so there are many 'landmines' waiting in people's in-boxes," said Michael Gazeley, managing director of Network Box, a Hong Kong-based cybersecurity company.

In China, the world's second-largest economy, energy giant PetroChina said payment systems at some of its petrol stations were hit, although it had been able to restore most of the systems. Several Chinese government bodies, including police and traffic authorities, reported they had been impacted by the hack, according to posts on official microblogs.

The official China Daily newspaper, citing Chinese tech firm Qihoo 360, said that at least 200,000 computers had been affected in China, with schools and colleges particularly hard-hit.

A spokesman for the Hong Kong Exchanges and Clearing, one of the region's biggest bourses, said all systems were so far working normally. "We remain highly vigilant," he said.

Companies have warned users and staff not to click on attachments or links. One school in South Korea barred its pupils from using the internet. Taiwan's government appeared to have escaped major infection, possibly because regulations there require all departments to install software updates as soon as they are available.

South Korea's presidential Blue House office said nine cases of ransomware were found in the country, but did not provide details on where the cyber attacks were discovered.

In Australia, Dan Tehan, the government minister responsible for cybersecurity, said just three businesses had been hit by the bug, despite worries of widespread infection. There were no reported cases in New Zealand.

BRIEF RESPITE
New version of ransomware worm expected (credit: REUTERS)

Cybersecurity experts said the spread of the ransomware had slowed since its appearance on Friday but that the respite might only be brief.

For one thing, the attackers or copycat attackers may have developed new versions of the worm, although a British-based security researcher who thwarted an earlier version of the worm told Reuters most of these reports had been proven false.

In Hong Kong, Gazeley said his team had found a new version of the worm that didn't use e-mail to lure victims.

Instead, it loaded scripts onto hacked websites where users who clicked on a malicious link would be infected directly. He said it was too early to tell how many websites had been affected.

Gazeley added that several major companies in Asia had been hit by the ransomware, but "the last thing they want to do is come out in public and admit it." He declined to elaborate.

In a blog post on Sunday, Microsoft President Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: The ransomware attack leveraged a hacking tool built by the US National Security Agency, that leaked online in April.

The non-profit US Cyber Consequences Unit research institute estimated that total losses would range in the hundreds of millions of dollars, but not exceed $1 billion.

Most victims were quickly able to recover infected systems with backups, said the group's chief economist, Scott Borg.

Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without possibly disrupting crucial operations, security experts said.

Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks, a rare and powerful feature that caused infections to surge on Friday.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

Workers strike outside of the Teva building in Jerusalem, December 2017
December 18, 2017
Workers make explosive threats as massive Teva layoff strikes continue

By MAX SCHINDLER

Cookie Settings