Global ransomware attack hits third Hong Kong system

Experts warn Hongkongers to take preventative measures as ‘WannaCry’ cyberattack affects more than 100,000 computers worldwide

PUBLISHED : Monday, 15 May, 2017, 10:55am
UPDATED : Monday, 15 May, 2017, 11:46pm

A global cyberattack has claimed at least one more victim in Hong Kong, bringing the total to three reported cases as people returned to work on Monday morning.

Cybersecurity experts warned users whose computers were hit by the latest “WannaCry” ransomware not to pay the ransom to retrieve locked files. They advised Hongkongers to take preventive measures as the malicious software had already showed signs of evolving.

The malware spread to three individuals in Hong Kong who had not installed the latest security updates on their Windows 7 operating systems and were directly connected to the internet, according to the Hong Kong Computer Emergency Response Team (HKCERT), which handles cybersecurity incidents in the city.

Chinese police and petrol stations hit by ransomware attack

Globally, WannaCry has affected more than 100,000 PCs since Friday and hit public institutions and corporations, including Britain’s National Health Service, Spanish telecoms giant Telefonica, and schools and universities on the mainland.

“This malware is different from previous ones where users got hacked only if they downloaded a file in an email or clicked on a link. [WannaCry] requires no active action at all, which makes it much more intrusive,” said HKCERT’s Leung Siu-cheong, who specialises in cybersecurity.

Leung explained that the programme actively scans the internet for users who do not have the latest security updates to block malicious internet traffic, and that computers with antivirus software installed could still be vulnerable.

Watch: New version of ransomware worm expected

Infected users will see a pop-up message that says their computer files have been encrypted and will be unlocked only if they pay a ransom in Bitcoin, a digital currency. This method of payment means recipients are virtually untraceable.

Leung and IT sector lawmaker Charles Mok warned users not to pay the ransom as there was no guarantee that access would be granted afterwards.

“It also means you would be supporting and funding these hackers to do their research,” Mok said.

Individuals and small to medium-sized businesses with outdated operating systems are most at risk, with the city likely to feel the brunt of the impact as people return to work on Monday.

Is your PC up to date? Home computers exposed as global cyberattack threat builds

The two also warned Hongkongers to take preventive measures as the fast-spreading ransomware had already showed signs of evolving to work around quick fixes.

“Hongkongers need to get into the habit of installing the latest security updates and making backups of their files. Just because you were not infected this time doesn’t mean you are safe from the next attack or other malware,” Mok said.

Four simple steps to guard against malware

Step 1: CHECK that ports “139” and “445” are disabled for public access in your Wi-fi router and internet firewall, as both could leave a hard disk exposed to hackers.

Step 2: DISCONNECT your computer from the internet or local area network (LAN). If using a wireless internet connection, switch off your router.

Step 3: BACK UP all important files onto an external storage device then physically disconnect it from your computer.

Step 4: UPDATE your Windows operating system with the latest security patch; the most recent from Microsoft is the “MS17-010” patch, which was released in March.

If your computer is infected and you need assistance, call the Hong Kong Computer Emergency Response Team at 8105 6060 to report the case.