Few reports of ransomware received in HK so far

A screenshot of the warning screen from a purported ransomware attack. Photo: AP

A screenshot of the warning screen from a purported ransomware attack. Photo: AP

Hong Kong appears so far to have escaped the brunt of a global cyber attack that has crippled more than 200,000 computers around the world.

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), which handles cyber-security in the city, said on Monday morning that it has received reports of only three cases where local computers were compromised by the ransonware known as “Wannacry.” All were computers running the Windows 7 operating system.

Victims receive images on their screens demanding payment of US$300 in the virtual currency Bitcoin, saying: “Ooops, your files have been encrypted!”

Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message.

A senior consultant with HKCERT, Leung Siu-cheong, warned that more cases could emerge in Hong Kong over the next few days, and urged users to keep their operating system updated to ward off the threat of Wannacry and other ransomware like it.

Leung warned that a single vulnerable computer within any network could expose the whole system to such threats.

“If there is one single infected computer in [the] network, this computer will scan the internal network for other victims within the same network and try to attack and if they haven’t [downloaded the latest patch], they are very vulnerable and easy to be exploited.”

He added that users who run anti-virus software wouldn’t necessarily be protected against ransomware, because they exploit vulnerabilities to install themselves on victims’ computers without their knowledge.

“Anti-virus software it is not very good in preventing this kind of network attack”, Leung said.