China denies universities hit hard by ransomware

SHANGHAI (AFP) - Chinese authorities have said 66 of the country's universities were affected by the global ransomware attack, but have rejected reports of widespread damage in higher-education computer systems as "malicious" hype.

The China Education and Research Network, which operates under the Ministry of Education, said 66 out of 1,600 Chinese universities were affected, mainly due to operating systems not being regularly upgraded rather than any major security shortcomings in university systems.

The statement issued late on Monday was perhaps the most detailed comment yet on the cyber attacks by Chinese authorities, who have said little about the contagion since it erupted on Friday, even as reports emerged of widespread infection in China.

Qihoo 360, one of China's leading suppliers of anti-virus software, had said on Sunday that at least 29,372 institutions ranging from government offices to ATMs and hospitals had been "infected", singling out universities as particularly hard-hit.

But the China Education and Research Network pushed back against such claims.

"These inaccurate statements have seriously misled public opinion, caused panic among teachers and students, and affected the normal order of instruction and life," it said, giving no further details.

Beijing University and Tsinghua University, two of the country's premier institutions located in the capital, have issued statements saying quick security action prevented "large-scale" infection on their campuses, without giving details.

Major universities in Shanghai told AFP on Monday they were not affected.

The indiscriminate attack began on Friday and struck banks, hospitals and government agencies worldwide, exploiting vulnerabilities in older Microsoft operating systems. But it appeared to have peaked over the weekend.

Security researchers on Monday said it bore the technical hallmarks of North Korean hacking, though the evidence remained inconclusive.

The muted public response by China could be linked to the sensitive fact that use of pirated computer software is rampant in the country, a sore point with trading partners like the United States which have complained for years of Chinese counterfeiting.

Security experts say pirated software is particularly vulnerable to security threats, but so far no evidence has emerged indicating whether that played any role in the virus's spread in China.

Chinese state media quoted the official Cyberspace Administration of China as saying the ransomware's spread had slowed significantly in China by Monday.

It had urged computer users to install and upgrade security software, but otherwise said little about the cyber attacks.

Among major Chinese entities affected, state-owned oil giant PetroChina has said its payment networks at petrol stations across the country were disabled for about 12 hours over the weekend.