Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Experts say the attack used software stolen from the US’s intelligence gathering National Security Agency. Photo: EPA

Impact of global cyberattack could strike Hong Kong on Monday morning, security experts warn

Britain’s public hospitals among highest-profile victims of global ransomware attack, with thousands of computers affected and more expected when people return to work after the weekend

A fast-moving and aggressive global cyberattack – the impact of which may be felt more keenly in Hong Kong on Monday morning when people return to work – has already affected almost 100 countries and hit the Asia region badly.

Britain’s public hospitals were among the highest-profile victims because the attack had profound life and death consequences.

Schools and universities on the mainland were also affected, state media reported.

Attley Ng, senior vice president of NSFOCUS Asia Pacific, a network security solutions company, said: “China was hit very hard. The attack was very widespread, especially in the higher learning and education sector, resulting in an almost complete paralysis of systems there.”

Others hit include Spain’s Telefonica, a global internet and telecommunications firm. The virus also affected production lines at carmakers Nissan and Renault, while the information screens at the stations of German national rail operator Deutsche Bahn were downed.

The pattern of attacks appeared to be random in nature and broadly spread among countries, government institutions, corporations and individuals.

Thousands of computers across Asia were said to be affected with more reports expected when people return to work after the weekend, security experts said.

The attack, known as “ransomware” used a technique which locks a user’s computer or file unless the victim pays a ransom, usually in the digital currency bitcoin, the criminal’s choice of payment where recipients are virtually untraceable.

Within 24 hours, the attack, which started on Friday, had spread to at least 99 countries with more than 75,000 victims, according to cybersecurity firm Avast.

Unlike a traditional attack which affects a single device, the ransomware virus targets networks, potentially affecting all computers in a company, and even spreading to backup files.

Experts said the ransomware appeared to have stemmed from software stolen from the US’s intelligence gathering National Security Agency.

Bryce Boland, Asia-Pacific chief technology officer at US cybersecurity firm FireEye, said: “What makes this event so significant is the use of a vulnerability that allows the ransomware to spread rapidly within an [unprotected] organisation.”

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), which responds to cybersecurity events, said one home-based user had come forward, becoming the only victim in the city so far.

The Hong Kong police said it had not received any reports.

Michael Gazeley, managing director of local cybersecurity service provider Network Box, said he received calls from major companies throughout Saturday seeking help.

“Hong Kong will get absolutely hammered by this attack. This attack is global and it’s only going to get worse as the virus is evolving,” he warned.

“This is happening just before a weekend in Asia. By Monday, someone will go back to work, click a link on an email, and wipe out the company.”

HKCERT backed up the assertion that the threat could still attack companies as people return to work this week.

The Office of the Government Chief Information Officer said it had not received any report from government-related security breaches. It added that it has stepped up surveillance on security threats, while reminding all departments to take measures to safeguard against ransomware.

Legislator Charles Mok, representing the IT sector, said he doubted that the government had not been affected and questioned whether it had robust cybersecurity protection after a similar number of attacks over the past couple of years.

This is happening just before a weekend in Asia. By Monday, someone will go back to work, click a link on an email, and wipe out the company
Michael Gazeley, managing director of Network Box

“There is very little information disclosure. From the government’s point of view they might not want to say too much,” Mok said.

Citing previous hacking attacks on the government, Mok said: “The authorities say everything is safe and under control. Are we reassured? I don’t know, and the threat is always out there.”

Microsoft, with thousands of customers who use its affected operating system, rushed out security advice. It described the incident as “painful”.

Users are urged to update their software to ensure protection.

“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” Europol, Europe’s policing agency, said as authorities were responding in the immediate aftermath of the online event.

Legislator Charles Mok, representing the IT sector, said he doubted whether the government not been affected and questioned whether it had robust cybersecurity protection after a similar number of attacks over the past couple of years.

“There is very little information disclosure. From the government’s point of view they might not want to say too much,” Mok said.

Citing previous hacking attacks on the government, Mok said, “The authorities say everything is safe and under control. Are we reassured? I don’t know, and the threat is always out there.”

Microsoft, with thousands of customers who use its affected operating system, rushed out security advice. It described the incident as “painful”.

“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s policing agency, as authorities start to respond to the immediate hacking attack.

Additional reporting by Alun John, Raymond Yeung, Reuters, Agence France-Presse and Associated Press

This article appeared in the South China Morning Post print edition as: Hong Kong warned to brace for impact of cyberattackHong Kong warned to brace for impact of cyberattack
Post