WannaCry ransomware: About 500 Singapore IP addresses may be affected, CSA says

WannaCry ransomware: About 500 Singapore IP addresses may be affected, CSA says

The affected computers in Singapore may not have had their files encrypted because of the 'kill switch' that allowed one researcher to inadvertently limit the spread of the ransomware, CSA says, but added that affected users will still need to patch and clean up their systems.

SINGAPORE: About 500 Singapore IPs could thus far have been affected by the WannaCry ransomware attacks that began last Friday and hobbled big organisations in Europe and Asia, said the Singapore Computer Emergency Response Team (SingCERT) from the Cyber Security Agency of Singapore (CSA) on Tuesday (May 16).

The ransomware locks users' files and demands that they pay attackers a designated sum in the virtual currency Bitcoin.

However, the affected computers in Singapore may not have had their files encrypted because of the "kill switch" that allowed one researcher to inadvertently limit the spread of the ransomware, said Dan Yock Hau, director of the National Cyber Incident Response Centre, which is a unit of CSA.

"Affected users will still need to patch and clean up their systems," he said, adding that SingCERT is working with IMDA and internet service providers (ISPs) to inform the potentially affected users.

Mr Dan added that, as of Tuesday afternoon, no critical information infrastructure has been affected.

There were no calls asking for help to recover from the ransomware, CSA said, adding that SingCERT received a small number of calls from businesses and members of the public wanting to find more about ransomware prevention and patching.

CSA said it would continue to monitor the situation closely.

Bookmark