Microsoft: Cyber-attack ‘ wake-up call’ for govts
> Ransomware cases reported in Asia
WASHINGTON: Officials across the globe scrambled over the weekend to catch the culprits behind a massive ransomware worm that disrupted operations at car factories, hospitals, shops and schools, while Microsoft on Sunday pinned blame on the US government for not disclosing more software vulnerabilities.
Cyber security experts said the spread of the worm dubbed WannaCry – “ransomware” that locked up more than 200,000 computers in more than 150 countries – had slowed but that the respite might only be brief amid fears new versions of the worm will strike.
In a blog post on Sunday, Microsoft president Brad Smith appeared to tacitly acknowledge what researchers had already widely concluded: The ransomware attack leveraged a hacking tool, built by the US National Security Agency (NSA), leaked in April.
“This is an emerging pattern in 2017,” Smith wrote.
“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.”
He also poured fuel on a long-running debate over how government intelligence services should balance their desire to keep software flaws secret – in order to conduct espionage and cyber warfare – against sharing those flaws with technology companies to better secure the internet.
“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Smith wrote.
He said governments around the world should “treat this attack as a wake-up call” and “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits”.
Asian governments and businesses reported some disruptions from the WannaCry worm yesterday but far less than feared.
In China, payment systems and government services reported some outages from the ransomware attack.
Japan’s National Police Agency reported two breaches of computers in the country on Sunday – one at a hospital and the other case involving a private person – but no loss of funds.
In India, the government said it had only received a few reports of attacks on systems and urged those hit not to pay attackers any ransom.
At Indonesia’s biggest cancer hospital, Dharmais Hospital in Jakarta, around 100 - 200 people packed waiting rooms after the institution was hit by cyber attacks affecting scores of computers.
South Korea’s presidential Blue House office said nine cases of ransomware were found in the country.
In Australia, the government said just three businesses had been hit by the bug. – Reuters