Singapore malls, users hit in cyber attack

A digital display at Tiong Bahru Plaza shows a ransomware message.
A digital display at Tiong Bahru Plaza shows a ransomware message.PHOTO: REDDIT

SINGAPORE - Singapore has seen a number of victims struck by the latest global ransomware attack, the Cyber Security Agency (CSA) said in an alert on Sunday (May 14).

Systems at Tiong Bahru Plaza and White Sands were also believed to be affected by the “WannaCry” worm. 

MediaOnline, which supplies digital signage, rushed to fix its systems after kiosks were infected at the malls. Director Dennis So said the systems were not connected to the malls or tenants’ networks.

A photo posted on Reddit on Saturday night showed a malware message on Tiong Bahru's mall directory, suggesting that it had been hit by the ransomware attack WannaCry.

The mall operators told Channel NewsAsia that they were alerted to the malware incident at around 5pm on Saturday.

A spokesman said the digital directory service is provided to the mall by a third-party vendor, and vendor systems have been disconnected from the board while a solution patch is being installed.

She added that no sensitive information in the mall directories was leaked and that hackers did not receive any money or bitcoin.

A display screen at an Orchard Central Desigual outlet is also believed to have been hit by the ransomware attack.

The CSA advised Internet users to be suspicious of uninvited documents sent through e-mail, back up crucial files, and run anti-virus security tools. 

Those with infected systems should remove the network cable or shut down the wireless function on their device so the ransomware doesn’t spread. They can then patch and restore their systems.

Friday's attacks, whose targets ranged from Russia's banks to British hospitals and a French carmaker's factories, used a technique called ransomware that locks users' files unless they pay the attackers a given sum using cryptocurrency Bitcoin.

The attack stopped spreading when a UK cybersecurity researcher, tweeting as @MalwareTechBlog registered a domain name used by the malware.

Friday's attack used a piece of malicious software known as "WanaCrypt0r 2.0" or WannaCry that exploits a vulnerability in Windows. While Microsoft had already released a patch (a software update that fixes the problem) in March, computers that had not installed the security update were still vulnerable.

Attacks have been recorded in at least 150 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. Europe and Russia have been the hardest hit so far. More than 200,000 victims have been affected, said the head of the European Union's police agency on Sunday.

The Cyber Security Agency of Singapore had previously said that no Government agencies or critical information infrastructure (CII) in Singapore were affected by the global hacking attacks.

The agency has advised organisations, businesses and members of the public to seek help from CSA's SingCERT (Singapore Computer Emergency Response Team) at singcert@csa.gov.sg or their hotline at 63235052, if they are affected. It also advised all Windows users to make sure their computer systems are fully patched, in an advisory on the SingCERT website.

The Straits Times has reached out to AsiaMalls and Desigual at Orchard Central for comments.