PETALING JAYA: Malaysia’s cyber security agency has issued an alert as the country emerged as one of the nearly 100 nations hit by a massive global cyberattack of ransomware.
CyberSecurity Malaysia, an agency under the Science, Technology and Innovation Ministry, urged all Internet users and system administrators to secure their machines and networks to protect against the “WanaCrypt0r 2.0” ransomware.
Ransomware is a type of malicious software (malware) designed to block access to a computer system until a sum of money is paid.
“We urge system administrators to patch their systems as soon as possible and keep their users aware of the new ransomware in order to prevent them from opening suspicious e-mails and files,” said chief executive officer Datuk Dr Amirudin Abdul Wahab in the alert issued yesterday.
The alert said the malware used a vulnerability first revealed to the public as part of a leaked stash of documents from the National Security Agency, America’s military intelligence organisation.
The cyberattack detected on Friday reportedly hit 99 countries, affecting the computer networks of Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx, among others.
AFP quoted British Prime Minister Theresa May as saying that the attack was not targeted at any particular country.
“It’s an international attack and a number of countries and organisations have been affected,” May said.
A real-time map of the attack by security blog MalwareTech that was widely referred to in international news reports put Malaysia as one of the countries hit.
However, it did not specify which computer networks or servers were affected.
The map can be viewed at https://intel.malwaretech.com/botnet/wcrypt/?t=24h&bid=all
Reuters reported that victims who opened infected e-mail attachments would find their data encrypted.
The ransomware would then demand payments of up to US$600 (RM2,640) to restore access.
CyberSecurity said ransomware could lead to temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses and potential harm to an organisation’s reputation.
It advised Internet users to back up their data regularly, maintain an up-to-date anti-virus operating system and not to click on unsolicited e-mail attachments.
“We are monitoring the situation in Malaysia and will take necessary action by providing technical assistance to affected organisations and individual users on remediation and prevention,” said Dr Amirudin.
Internet users can keep track of CyberSecurity’s latest threat advisories on its website www.mycert.org.my.
As at 10am yesterday, the Malaysian Communications and Multimedia Commission said no attacks had been reported.