Singapore

Little sign of WannaCry worm in Singapore

Experts concerned about ransomware evolving, after MediaOnline suffers cyber attack

As the work week began yesterday, organisations and companies in Singapore were relieved to learn that they had emerged relatively unscathed from the global ransomware attack, but not all countries were that fortunate.

Variants of the worm, dubbed WannaCry, started attacking Microsoft Windows machines last Friday. By yesterday, some 150 countries had been hit.

In Singapore, where many companies had their systems checked at the weekend, the damage was relatively light.

Mr Dan Yock Hau, director of the National Cyber Incident Response Centre, said yesterday: "As of this afternoon, no critical information infrastructure has been affected." The centre is a unit of the Cyber Security Agency of Singapore (CSA).

CSA is working with telcos Singtel and StarHub to set up helplines to advise their customers - especially businesses - on recovering from the ransomware attack.

It is also keeping tabs on the global situation.

Mr Steve Ledzian, senior director of systems engineering at security systems specialist FireEye, said that organisations are "never truly out of the woods" even if they have addressed the threat.

"The threat landscape is constantly changing as new variants of ransomware evolve," he warned.

Mr Tee Chun Meng, head of information security at the Singapore Exchange, said the bourse is working closely with its vendors "to ensure our controls and defences are kept up to date to handle new variants of the ransomware".

A spokesman for Maybank said it is "on heightened alert" and keeping tabs on the latest developments to adjust its defence posture if needed.

The only victim in Singapore that has been reported so far is MediaOnline, which supplies digital signage to malls such as Tiong Bahru Plaza and White Sands.

Continual user education needs to be in place to help identify phishing attacks. Mr Jerry Tng, vice-president of IT management software provider Ivanti in the Asia-Pacific

Ms Karen Siow, general manager of Tiong Bahru Plaza, Liang Court and Hougang Mall at AsiaMalls, said: "There is no other anticipated impact from this malware as the digital directory systems run on a separate network from the rest of the corporate networks of AsiaMalls."

Experts said that Singapore's efforts to delink computers of public servants from the Internet may not fully filter out WannaCry.

The virus enters systems in two ways: when users click on a bogus link or when they open an e-mail attachment.

Separating machines from the Internet is effective for situations where users click on bogus links.

But if users open an infected e-mail attachment, the worm may still spread to multiple machines via the intranet.

Experts stressed that computer users must be wary of what is sent to them through e-mail. "Continual user education needs to be in place to help identify phishing attacks," said Mr Jerry Tng, vice-president of IT management software provider Ivanti in the Asia-Pacific.

FOR MORE, SEE 

Microsoft president slams US govt over ransomware

Some 30,000 Chinese institutions infected

SINGTELSINGAPORE EXCHANGEVirus