PETALING JAYA – The “WannaCry” ransomware which has hit computers in more than 100 countries so far has been detected in at least 10 devices here over the weekend.
“My vendor friends and I have received no less than 10 reports … and these are only those that we know of,” IT security service provider LGMS founder Fong Choong Fook said today.
“It could be much more than that,” said Fong, adding that cyber security vendors here have received reports from clients of their Windows devices being hacked with the ransomware.
He said to date, the victims include those from the financial sector and public-listed companies, including a government-linked company, an insurance company and an investment firm.
“I received a call from a client, who is the director of a company, on Saturday about his personal Windows laptop being attacked.
“We couldn’t confirm it was the WannaCry ransomware until Sunday, when we found out the features of the malware on his device are the same as those of WannaCry,” he said.
Fong said no reports were made by his or other vendors’ clients to the authorities as they were not required by law to do so.
The Malaysian Communications and Multimedia Commission (MCMC) had up to today maintained that the country has been free of such an attack.
MCMC officials could not be reached for comments or confirmation on the 10 local attacks, as at press time.
The ransomware works by encrypting files on target computers before demanding a ransom be paid in the crypto-currency Bitcoin.
Pictures on social media showed screens of computers with images demanding payment of US$300 (RM1,298) in Bitcoin – a form of digital currency.
A massive wave of `WannaCry` attack hit the world in recent weeks after some 200,000 systems from more than 100 countries were reportedly to be affected in the attack.
Fong said older Windows systems are more vulnerable to the attack due to a “major loophole” in these devices as they no longer receive patches to prevent such hacks.
When attacked, a victim’s device can still be operated, but Microsoft document files, including Words and Excel, would be “encrypted and locked” until the ransom is paid to the hacker to decrypt and unlock, he said.
The hackers also put pressure on the victims by automatically raising the ransom if it is not paid within a time frame.
Fong warned that the current wave of attacks may only be the first, saying other non-core Windows computers, such as those in Automated Teller Machines (ATM), could be the target of hackers in the near future.
Victims of the WannaCry ransomware should immediately unplug their devices from any networks to prevent the malware from spreading, he said and advised all computer users to regularly backup their files.
“Hackers no longer pick and choose large organisations as their targets. We need to change this mindset.
“Today, anyone, you and me, can all be the target of this form of cyber attack, so make sure you always backup your data,” he advised.
A WannaCry malware live tracker also showed that the attack has occurred in Malaysia.
However, cyber expert Alan Yau Ti Dun said it is hard to validate if any device in the country has been affected.
Yau claimed the malware live tracker is merely information pulled out from an Internet Protocol (IP) address.
“There is no official confirmation of how many have been affected, and we won’t know unless the National Security Council (NSC) announces it,” he said.