WannaCry makes Telkom clients shed some tears
HI-TECH HIJACK: Hackers are coining it by seizing control of computers and demanding ransoms TELKOM’S cybersecurity team went into overdrive last week when the company was targeted in the global WannaCry ransomware attack.
Telkom spokeswoman Jacqui O’Sullivan said the computer virus attack crippled some customer platforms, which were restored only on Thursday.
But the company thwarted attempts by the WannaCry hackers to freeze its systems so they could hold it to ransom.
The hackers, linked by some cybersecurity analysts to North Korea, used a software tool stolen from the US National Security Agency known as EternalBlue to launch what became one of the most devastating cyberattacks in recent history.
Telkom was among many companies and organisations believed to have been targeted in South Africa, although few have been willing to admit it. IT security experts warned that further attacks were likely, and said the government and its agencies were particularly at risk due to their failure to upgrade software.
EternalBlue exploits a vulnerability in Microsoft’s Windows operating system. Microsoft says the vulnerability has been fixed in recent updates to Windows X.
Major companies and organisations, including hospitals, in Europe, the US and Asia were crippled last week by WannaCry. In many cases victims paid the bitcoin ransom demanded our priority was the protection of our customers’ data and assets. It’s been quite an experience to see a virus like this in action and the sheer number of personnel hours and resources it can consume.”
Guy Golan, MD of cybersecurity company Performanta, in Midrand, Gauteng, described the impact of the ransomware attack as dire.
“Major [South African] organisations were hit. They will never talk about it because they are embarrassed and worried about the damage to their reputations,” he said.
“If the NSA methods have been leaked into the hands of the bad guys, they will continue to use and abuse the systems to get financial reward,” he said.
Craig Rosewarne, of Wolfpack Information Risk, said: “Software updating is a key thing. Government is very slow [to update systems] and the state of information security in general is quite poor.”
Last month, Highway Hospice in Durban fell victim to a ransomware attack from a different virus to WannaCry.
Hospice CEO Linda Webb said the hacker initially demanded three bitcoins — the equivalent of about R79 000 — to unlock the computer system.
“The first thing we did was to make contact, explaining that we care for terminally ill patients. His response was: ‘OK, make it two bitcoins then,’ ” Webb said.
The NGO was able to save some of its information, but lost its photographic archive.