China issues warning for new ransomware virus

  • Tech News
  • Thursday, 18 May 2017

A photo taken on May 15, 2017 shows staff monitoring the spread of ransomware cyber-attacks at the Korea Internet and Security Agency (KISA) in Seoul More cyberattacks could be in the pipeline after the global havoc caused by the Wannacry ransomware, a South Korean cybersecurity expert warned May 16 as fingers pointed at the North. More than 200,000 computers in 150 countries were hit by the ransom cyberattack, described as the largest ever of its kind, over the weekend. / AFP PHOTO / YONHAP / YONHAP / REPUBLIC OF KOREA OUT NO ARCHIVES RESTRICTED TO SUBSCRIPTION USE

BEIJING: China has urged Windows users to protect themselves against a new ransomware virus similar to the WannaCry bug that wreaked havoc worldwide last week. 

”UIWIX” encrypts and renames files through a bug in the Windows operating system, China’s National Computer Virus Emergency Response Centre (CVERC) warned in a public announcement Wednesday, telling users to install the latest Microsoft update. 

The warning comes on the heels of the “WannaCry” cyberattack, which has hit hundreds of thousands of computers worldwide. 

While no UIWIX infections have yet been detected in China, the virus has spread in other countries and prompted a security alert last week from the Danish cybersecurity company Heimdal Security. 

”UIWIX ransomware is picking up where the first WannaCry wave left off, without a kill switch domain and the same self-replicating abilities that enable it to spread fast,” the firm said in a statement. 

Heimdal cautioned that the new bug could be more powerful than WannaCry due to the absence of a kill switch domain that could contain the virus’s distribution. 

But other analysts have noted that UIWIX appears to be spreading at a much slower pace. 

Global cybersecurity firm Proofpoint warned on Wednesday about another large-scale, stealthy cyberattack linked to WannaCry called Adylkuzz. 

The extent of Wannacry’s impact in China remains unclear. 

On Sunday, Qihoo 360, one of China’s leading suppliers of anti-virus software, said more than 29,000 institutions ranging from government offices to ATMs and hospitals had been “infected” by Wannacry, singling out universities as particularly hard-hit. 

But the Education Ministry’s China Education and Research Network denied that there had been widespread damage to computer systems, saying only 66 out of 1,600 Chinese universities were affected. 

Sarah Larson, a politics and cybersecurity researcher at the University of New South Wales, told AFP that China’s preemptive alert about UIWIX may indicate that WannaCry sent the government “reeling.” 

Larson said China is particularly vulnerable to malicious code because the majority of the country’s computer users are reliant on pirated software. 

”Until now the government has done little to encourage the use of legitimate software,” she said. 

”This reluctance is largely caused by a type of cyber sovereignty directed at the dominance of US tech companies like Microsoft.” 

Severine Arsene, an Internet expert at the French Centre for Research on Contemporary China, said the announcement, which noted the virus was “detected abroad,” is in line with China’s current rhetoric around cybersecurity. 

”China has long claimed that they are a major victim of cyber attacks every year,” Arsene told AFP, “whereas they are essentially portrayed as a source of cyberattacks by foreign media.” 

The warning is intended “to publicly show that they are taking responsibility to help maintain security and stability online”. 

The government will implement on June 1 a controversial cybersecurity bill tightening restrictions on online freedom of speech and imposing new rules on online service providers. 

Fifty-four international trade groups signed a letter Monday calling on China to reconsider the law, arguing that it would create significant obstacles for foreign businesses. — AFP


Across The Star Online

Air Pollutant Index

Highest API Readings

    Select State and Location to view the latest API reading

    Source: Department of Environment, Malaysia