WannaCry? Please Don’t, We’ve Got You Covered. Your Local Guide To Facing The Latest Global Cyber Threat

0
3851
wannacrybanner.jpg

It’s the latest virtual threat hitting computers all over the world, but what is it?

In the past week, a global virus – known as WannaCry – has been attacking digital devices all over the world, and Singapore has not been spared from it.

Fortunately, Channel NewsAsia reports that no local government agencies or “critical information infrastructure” has been compromised, which means that our sensitive national data is safe. However, not all organisations in Singapore had the same fortune.


Source

Tiong Bahru Plaza and White Sands, along with a Desigual outlet in Orchard Central were the few local establishments affected by the virus.


Source

Naturally, this cyber threat has captured the attention of relevant authorities. In a press release, Mr David Koh, chief executive of the Cyber Security Agency of Singapore said: “This is an issue of national importance and we will take all the necessary measures to counter the spread of the ransomware and help businesses and members of the public prevent or recover from it as quickly as possible.”

 

How Does It Work?

As seen in the screenshot below, the virus – also known as Wannacrypt0r – creates a ransom situation. Using a loophole in the Microsoft system called Eternal Blue, the virus encrypts and locks the data within one’s device, and holds the user “ransom” in order to get the restricted data back.


Source

A countdown timer will then appear and ransom price will increase as time passes. Once the timer finishes, all data within the device will be destroyed and lost. According to the instructions on the timer, payment is made via bitcoin, an online currency that is currently untraceable.

So far, the virus only targets Microsoft-operated devices, and does not seem to affect Apple related products. Specifically, the virus is spread through file-sharing technology known as the Microsoft Server Message Block (SMB). According to the Singapore Computer Emergency Response Team (SingCERT), the moment a single device within a network is infected with the “ransomware”, it goes on to infect other unprotected devices.

Interestingly, a cryptic tweet has revealed links of the virus to a hacker group known as Lazarus, which is believed to be associated with the North Korean government

 

What Can You Do?

While a young British computer expert has discovered a “kill switch” to disable the virus, you should not let your guard down. There are still new variants of the software appearing in the online space. In fact, Reuters has reported that a new variant of the virus has emerged, which has infected 3,600 computers in one hour.

So, if your computer is infected, put that mouse down, and don’t panic. An advisory by SingCERT recommends users to “rebuild” their device. This can be done by immediately disconnecting their computers and conducting a clean installation of the system, followed by a restoration of backup data.

Alternatively, you can call the emergency hotline provided by SingCERT and your local internet service providers:

  • For Singtel:

    • For Customers: 1688

    • For SMEs: 1606

  • For StarHub:

    • For customers: 1633 (24 hours)

    • For SMEs:1800 888-8888

  • SingCert:

    • 63235052

Still, prevention is better than cure. So, avoid opening suspicious emails or files from an unknown source, and make backup copies of your critical files as much as possible. Also, you could down a patch update released by Microsoft that fixes the loophole of the virus.

Stay online, but stay safe!