PETALING JAYA: All governmental agencies have been told of the WannaCry ransomware outbreak and have armoured themselves against attacks.
“All government agencies at federal and state level have been alerted and ensured that their computers have been patched accordingly,” said CyberSecurity CEO Datuk Dr Amirudin Abdul Wahab.
Dr Amirudin said the WannaCry ransomware exploited vulnerabilities of the Windows operating system, especially on Windows XP which has stopped receiving updates since 2014.
“The malware exploits a flaw in the network protocol called the Server Message Block. Unlike former malware cases which is localised to a single computer, WannaCry exploits the operating system’s vulnerabilities and spreads it across PCs in the network.
“This is why it spread at such speed and range. Realising this, Microsoft came out with the MS17-010 patch to stop this particular malware from working and spreading,” he said in a phone interview.
The patch was first rolled out in March this year but was not available to Windows XP, Windows 9 and Windows 2003 until May 12, after WannaCry’s outbreak.
According to the Microsoft Security Response Centre, Windows 10 users were not targeted by the attack.
To protect themselves against any malware attack, computer users were urged to back up their files, avoid clicking on suspicious links online or download attachments in e-mail messages sent by strangers.
“Apart from preventive measures, if you think you have been infected by the malware, please report to us at firstname.lastname@example.org or call us at 1300-88-2999,” he said.
In response to a question, Dr Amirudin said it was not an obligation under the law for anyone to report any security breach.
“It is not mandatory in Malaysia, unlike in some other countries,” he lamented, pointing out that when people made a report to CyberSecurity, their confidentiality would be paramount.
“We can also provide assistance,” Dr Amirudin added.
As of 6pm yesterday, CyberSecurity has yet to receive any report on infected computers in Malaysia.
“It does not mean that infection will not happen. At present, however, the situation is manageable and under control and we are always on the alert,” he said.
When contacted, the Malaysian Communications and Multimedia Commission and CyberSecurity Malaysia also said they had not received any report of a WannaCry infection in Malaysia.
WannaCry strikes two Malaysian companies