Ransomware: Situation across Asia

People use computers at a cyber cafe in Taipei, Taiwan.
People use computers at a cyber cafe in Taipei, Taiwan. PHOTO: EPA


The attack had infected close to 30,000 organisations by Saturday, but officials and security firms said yesterday that the spread was starting to slow.

East China's Jiangsu and Zhejiang provinces were the most affected regions, with train stations and post offices hit, according to the Global Times. State-owned oil giant PetroChina disconnected networks linking its petrol stations for 12 hours on Saturday after its Internet payment functions were disabled.


Three cases of ransomware had been reported by individuals who had not installed the latest security updates on their Windows 7 operating systems and were directly connected to the Internet, the South China Morning Post reported , citing the Hong Kong Computer Emergency Response Team.


Some 770 computers at Taiwan Power Company's offices were infected but most have been repaired, the island's main utility said yesterday. The incident did not affect electricity supply, said company spokesman Lin Te-fu .

Ten schools in southern Taiwan and a trading company in central Taiwan also reported attacks, said the Central News Agency.


Major cinema chain CJ CGV said advertising servers and displays at theatres were hit by ransomware. Movie servers were not affected, it said. An official at the Interior Ministry's integrated government computer centre said the government's computer systems were not affected, reported Yonhap news agency.


The National Police Agency reported two breaches of computers on Sunday, one at a hospital and the other case involving an individual.

Hitachi said the attack had affected its systems at the weekend, leaving staff unable to receive and send e-mails or open attachments in some cases. The problem was still ongoing, it said.


The government said it had received only a few reports of attacks on systems. No major Indian corporations reported disruptions to operations.


Staff at the Dharmais Hospital in Jakarta found on Saturday that 400 computers at the facility had been locked by malware.

The attack did not affect critical health services at the hospital, which specialises in cancer treatment, but caused bottlenecks in patient admissions, said a hospital staff member who gave his name only as Willy.


A cyber security expert told The Straits Times he was aware of at least 28 companies, one of which is a multinational logistics company, being infected by WannaCry.

The companies simply reformatted their servers and restored their data from backups, he said.


Online gaming server Garena Online said it had to close its game Blade & Soul on Saturday after it was hit by the attack. Players were able to resume their games the next day. A large advertising board in central Bangkok was also seen with the ransomware message on Saturday.

Hospitals have not reported any attack to the authorities.


The Malaysian Communications and Multimedia Commission said it had yet to receive any report of WannaCry attacks as of noon yesterday, The Star reported.

Mr C.F. Fong of the cyber security firm LGMS said his clients - which include major banks - had not reported any attacks so far, although a director of one of his client companies had discovered the ransomware on his personal laptop.


Mr Vu Ngoc Son, a director of Bkav Anti Malware, said dozens of cases of infection had been reported in the country, but he declined to identify any of the victims.


•Additional reporting by Raul Dancel, Yasmin Lee Arpon and Walter Sim

A version of this article appeared in the print edition of The Straits Times on May 16, 2017, with the headline 'Ransomware: Situation across Asia'. Subscribe