Cyberattack Spreads, Though at Slower Pace
May 15 2017 - 4:35AM
Dow Jones News
By Stu Woo in London, Liza Lin in Shanghai and Eun-Young Jeong in Seoul
Governments and companies reported more infected computers
stemming from Friday's global cyber attack, though fresh fallout
appeared limited so far early Monday after IT departments around
the world kicked off a fourth day trying to determine the scope of
damage and recover from it.
A so-called ransomware attack started ricocheting around the
world Friday, scrambling files and seeking payment to decrypt them
again. The attack mobilized law enforcement and cybercrime agencies
in a global dragnet for the perpetrators.
Late Friday, a British researcher found and activated a "kill
switch" embedded in the code of the virus, slowing its spread,
though computer experts warned new variants were likely.
Companies worked through the weekend to ensure employees were
protected come Monday morning, when officials warned more victims
could be vulnerable. The attack took advantage of vulnerabilities
in Microsoft Corp. software, and many workers early Monday were
asked to reboot their systems to initiate patches.
The attack hit hospitals in Britain, multinationals like FedEx
Corp. and shuttered Renault SA car factories. Victims received
messages saying their computer files had been encrypted and
demanded payment, as little as $300 in online currency bitcoin, to
unscramble them. The malware threatened to destroy the files if
payment wasn't made.
Proofpoint, a Silicon Valley cybersecurity firm with sensors in
major telecom companies and big organizations, said Monday that
there was a lot of traffic to the "kill switch" of the original
worm, which meant individual computers were being infected but not
entire networks. Ryan Kalember, Proofpoint's senior vice president
of cybersecurity strategy, said it didn't appear as if a more
dangerous strain of the worm, without a kill switch, was making its
way around the world.
Tokyo-based conglomerate Hitachi Ltd. reported system failures
at locations in Japan and elsewhere that affected employees'
ability to send and receive emails. Hitachi said it was working to
try to resolve the problems and that it believed they were related
to the Wannacry ransomware.
In China, more government agencies said their operations were
affected as employees returned to work on Monday.
Traffic police in Mianyang, a city in the Southwestern province
of Sichuan, posted a photograph of long queues in its office on its
official Twitter-like blog and asked people to avoid seeking
non-emergency services as its computer network remained down from
the ransomware attack. Other government departments posted
apologies about disruptions to services.
Chinese social media was rife with comments from office workers
tweeting about how their morning had been interrupted as computer
systems had to be upgraded or pulled off the internet first thing
in the morning.
China financial regulators -- the China Securities Regulatory
Commission and China Banking Regulatory Commission -- sent notices
to its subsidiaries for a security upgrade. Search engine giant
Baidu Inc. sent out several warnings to its employees over the
weekend informing them about the attack and were told a security
update would take effect after they restarted their computers.
CJ CGV, one of South Korea's largest movie-theater chains, said
it was hit by WannaCry over the weekend. The company's head of
communications, Hwang Jae-hyeon, said the malware affected its
advertising server, preventing ads from being displayed before the
start of films at 30 locations. The attack hadn't affected ticket
sales or the company's movie-screening schedule, he said.
The Korea Internet & Security Agency, a government entity,
reported 10 cases of affected organizations in the country but
declined to identify them.
--Chao Deng, Grace Zhu and Alyssa Abkowitz contributed to this
article
Write to Stu Woo at Stu.Woo@wsj.com, Liza Lin at
Liza.Lin@wsj.com and Eun-Young Jeong at Eun-Young.Jeong@wsj.com
(END) Dow Jones Newswires
May 15, 2017 04:20 ET (08:20 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Aug 2024 to Sep 2024
Microsoft (NASDAQ:MSFT)
Historical Stock Chart
From Sep 2023 to Sep 2024