Over 28,000 Organizations In China Have Been Attacked By WannaCrypt, According To 360
摘要： By 19:00, May 13th (Beijing), 28,388 organizations have been attacked by the ransomware WannaCry / Wcry / WannaCrypt, statistics from Chinese cybersecurity service provider 360 show. Jiangsu province appears to be the most affected region in terms of the number of reported cases.
360’s Cybersecurity Surveillance and Response Center has rated the global ‘WannaCrypt’ ransomware cyberattack as 'extremely urgent'. Statistics from the center show that by 19:00, May 13th (Beijing), 28,388 organizations have been attacked by the ransomware. Jiangsu province appears to be the most affected region in terms of the number of reported cases.
On May 12th, the ransomware WannaCrypt struck the Internet globally in a very short time, unprecedented in scale. Hospital network in UK, telecom companies in Spain and Russia have been hit.
In China, university school networks, multiple energy companies, and even government departments are also under attack, with important files encrypted by the ransomware. Once the files are locked by WannaCrypt, the ransomware will blackmail the victims for bitcoins to unlock them. It’s reported that over 100,000 devices have been hit by the ransomware globally.
According to 360’s report, by 19:00, May 13th, 28,388 organizations have been hit by WannaCrypt. Attack reports have been popping up from all over China. Jiangsu, Zhejiang, Guangdong, Jiangxi, Shanghai, Shandong, Beijing and Guangxi provinces are the top eight affected regions in the country.
Organizations are advised to set up a central surveillance and response management system
Big organizations have complex networks, accesses, numerous devices, and sensitive data etc., and therefore would generate larger negative impact once under such cybersecurity threats, experts at 360’s
Cybersecurity Surveillance and Response Center explained. To prevent business systems and office terminals from being attacked by WannaCrypt, organizations are advised to set up central surveillace and response system to distribute and manage defense strategies.
As for common Internet users, 360’s chief cybersecurity engineer Zheng Wenbin told Sina Tech that besides paying the ransom, there isn’t a way to unlock the files encrypted by the ransomware. “If these files are incredibly valuable, you could try to pay the ransom, in case the ransomware deletes them. However, there is no guarantee that the ransomware would actually unlock your files after you make you payment,” Zheng said. “You can also choose to wait for cybersecurity experts around the world to crack the encryption algorithm.”
Here are two suggestions on preventing potential attacks for big organizations:
1. Win7 and newer Windows systems should be patched with the MS17-010 system update. Older Windows systems such as Windows XP/2003 users should turn off the SMB service.
2. Set up thorough emergency procedures for demilitarized zones, production zones, office zones, and network perimeters.
[The article is published and edited with authorization from the author @Sina Tech, please note source and hyperlink when reproduce.]