Is your PC up to date? Home computers exposed as global cyberattack threat builds

Those with older operating systems or lacking in IT support vulnerable to aggressive ransomware

PUBLISHED : Sunday, 14 May, 2017, 7:54pm
UPDATED : Monday, 15 May, 2017, 11:18am

Small to medium-sized businesses and home computer users are urged to step up preventive measures against an aggressive global cyberattack that could hit Hong Kong as people return to work Monday after the weekend.

The simplest precautionary measures include “patching” one’s operating systems with the latest security updates and enabling firewalls to block malicious internet traffic, cybersecurity experts said.

Their warnings came as the Hong Kong Computer Emergency Response Team (HKCERT), which handles cybersecurity incidents in the city, recorded two victims of the latest “WannaCry” ransomware attacks over the weekend.

Hong Kong regulator SFC seeks input on tighter cybersecurity measures

“The two cases were individual users operating on Windows 7,” HKCERT general manager Wilson Wong said. “In both cases, they did not have firewalls, did not update their patches and were connected directly to the internet.”

The malware has spread to more than 100,000 PCs around the world since Friday and hit public institutions and corporations including Britain’s National Health Service, Spanish telecoms giant Telefonica, and schools and universities on the mainland.

If you suspect your computer has been infected, whether at home or at the office, unplug it immediately
Wilson Wong, Computer Emergency Response Team

The pattern of attacks appeared to be random in nature and targeting networks, potentially affecting all computers within an organisation and even spreading to backup files. Computer files are encrypted and a ransom in Bitcoin is demanded.

“If you suspect your computer has been infected, whether at home or at the office, unplug it immediately and make sure it is not connected to the internet or other computers,” Wong added.

IT sector lawmaker Charles Mok said most public institutions in Hong Kong were diligent in updating their software. His bigger concern centred on small and medium-sized firms as well as home users, whom he said were usually more lax about cybersecurity.

“Many SMEs are at high risk, especially if they’re using older operating systems and don’t have an IT department or someone managing their network,” he said.

Hong Kong Information Technology Federation councillor Eric Fan Kin Man urged users to back up files on a separate external drive and patch operating systems with legal software. Microsoft’s latest security update is the MS17-010 patch, released in March.

On Saturday, Microsoft issued a rare fix to protect out-of-support products such as Windows XP, Windows 8 and Windows Server 2003.

Four simple steps to guard against malware

Step 1: CHECK that ports “139” and “445” are disabled for public access in your Wi-fi router and internet firewall, as both could leave a hard disk exposed to hackers.

Step 2: DISCONNECT your computer from the internet or local area network, or LAN. If using wireless internet, switch off your router.

Step 3: BACK UP all important files onto an external storage device, then physically disconnect it from your computer.

Step 4: UPDATE your Windows operating system with the latest security patch; the most recent from Microsoft is the “MS17-010” patch, which was released in March.