SingCERT issues advisory on actions to take if you get hit by the WannaCry virus

The exploit can infect machines running unpatched versions of Windows by taking advantage of flaws in Microsoft Windows' SMB (Server Message Block). PHOTO: REUTERS
Updated
May 24, 2017, 02:41 PM
Published
May 15, 2017, 11:06 AM

SINGAPORE - The global ransomware - dubbed WannaCry - that first surfaced last Friday (May 12) is expected to hit Asia hard on Monday.

While the true extent of the damage caused so far remains unclear, the latest estimates place it at over 200,000 victims in at least 150 countries.

In Singapore, a company that supplies digital signage, MediaOnline, was rushing to fix its systems after a technician's error led to 12 kiosks being infected in Tiong Bahru Plaza and White Sands.

Here's a guide from the Cyber Security Agency's SingCERT (Singapore Computer Emergency Response Team) on what to do if you become a victim.

Why is it dangerous?

The hackers leverage on a Window exploit developed by the US' National Security Agency called EternalBlue, which was reportedly leaked and dumped by the Shadow Brokers hacking group last month.

The exploit can infect machines running unpatched versions of Windows by taking advantage of flaws in Microsoft Windows' SMB (Server Message Block).

More On This Topic
Key facts about WannaCry virus

Once a single computer in an organisation is hit by WannaCry, the worm looks for other vulnerable computers within the network to infect.

How can it be prevented?

Microsoft released a patch (MS17-010) for the vulnerability in March. Those who have not patched their computers should so immediately.

Like any other ransomware infection, you should be suspicious of uninvited documents sent through e-mail.

Avoid click on links inside such documents unless their sources have been verified.

Always make a back-up of your important files and documents, and ensure that you run an active anti-virus security suite of tools on your system.

Most importantly, browse the Internet safely.

What if I get infected?

While there is no known way to recover files encrypted by WannaCry, don't panic.

Start by removing the network connection (either remove the network cable or shut down your computer's wireless function) from your computer to prevent the spread of WannaCry.

Rebuild your affected computer before patching it with the recommended patch and restoring your system from the backups made previously.

Those who need further assistance can contact SingCERT for advice.

Related Stories
US, Britain blame Russia for 'NotPetya' ransomware attack
Most Maersk operations running after global cyberattack
Mystery of motive for a ransomware attack: Money, mayhem or a message?
A ransom message popping up on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after institutions were hit by a wave of cyber attacks yesterday. The new virus, which is spreading to many countries, has a fake Micr
New cyber attack spreads across Europe
Nato chief says cyber attacks could potentially trigger mutual defence commitment
Comparing NotPetya and WannaCry and tips on how to stay safe from ransomware
Singapore critical sectors, government not affected by NotPetya ransomware
Cyberattack reaches Asia and Australia as new targets hit by ransomware demand
China issues warning for new ransomware virus
Another large-scale cyber attack underway: Experts
Greater global cooperation required to fight cyber crime: China Daily
Hackers mint crypto-currency with technique similar to WannaCry 'ransomware' attack

Join ST's WhatsApp Channel and get the latest news and must-reads.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top