Singapore spared brunt of NotPetya ransomware attack
But some companies lose work hours after shutting down computers to keep out ransomware
A new ransomware attack on Tuesday night wreaked havoc on the information technology systems of major organisations across the globe.
Though Singapore seemed to have escaped relatively unscathed so far, several companies lost work hours yesterday after telling their staff not to turn on their computers as a precaution.
At least two companies took precautions after noticing "interference" on some of their IT systems. It is not clear if they had been infected by the ransomware, which has been dubbed NotPetya.
The Cyber Security Agency's (CSA) Singapore Computer Emergency Response Team (SingCert) said on its website yesterday that it was alerted to the global spread of the malware, which was inspired by last month's WannaCry ransomware, and described it as "more dangerous and intrusive" than WannaCry.
The first attacks were reported from Russia and Ukraine, and it subsequently spread to other parts of Europe, the US, Australia and India.
The attacks affected at least 2,000 individuals and organisations worldwide, The Guardian reported.
Those affected by NotPetya were told to pay US$300 (S$416) in cryptocurrency per infected computer to unlock their systems. Those who paid failed to get their computers unlocked.
A researcher told The Guardian that the software was "definitely not designed to make money" but "to spread fast and cause damage, (using the) plausibly deniable cover of 'ransomware'".
The malware was named NotPetya because while it shares code with an earlier ransomware strain called Petya, it is "a new ransomware that has not been seen before", said researchers at Kaspersky Lab.
Experts warned that the worst is not over.
United Kingdom media company WPP said in a statement yesterday that the IT systems at a number of its companies had been affected.
It said they were working to restore disrupted services and many of their businesses were experiencing minimal or no disruption.
The world's largest advertising agency did not specify how many WPP companies had been affected, but The New Paper understands that staff at Ogilvy & Mather Group Singapore, Cohn & Wolfe Singapore and Fitch Design Singapore were told not to turn on their office computers.A spokesman for courier company TNT Express said his firm experienced interference with some systems in its network and was taking remedial action.TNP understands that staff members at its Singapore office received a message on Tuesday night about the attack and were told to unplug their computers.
It is understood that some of them took half-a-day's leave yesterday.
Law firm DLA Piper Singapore said on its website yesterday that it had experienced issues with some systems due to suspected malware, and took down the systems as a "precautionary measure".
In a joint statement, CSA and GovTech said yesterday that SingCert had not received any reports on the malware infection.
They added: "None of Singapore's 11 Critical Information Infrastructure Sectors were affected; our government systems have not been affected.
"The Singapore Government is closely monitoring the global situation. GovTech has put in place a range of measures that minimises the likelihood of government systems being infected by malware, including ransomware."
SingCert also advised all computer users and companies to patch their Microsoft Windows computers to ensure that their anti-virus software is updated with the latest malware definitions.
"Users should perform file backups and store them offline in case they need to restore their systems following an attack," it added.