More Ransomware Cases Detected In Malaysia; Unreported Cases Likely

Sixteen cases of WannaCry Ransomware cases have been detected in the country so far, but the number could be higher as many enterprises are reluctant to come forward to report the cyber attacks. 

Information technology (IT) security expert Fong Choong Fook said almost all of the WannaCry Ransomware attacks were through emails. 

“Most of these cases involved attacks through email attachments. Although it is not the only way (of attack), so far this is how the hackers are spreading the malware,” he told The Malaysian Reserve. 

Fong, who is the founder of LE Global Services Sdn Bhd — a professional IT security service provider — estimated the figure could be higher due to unreported cases. 

“There is no regulation that compels people to report these attacks to the authorities, or even service providers. We know the number of infected PCs (personal computers) may grow from the personal PC as well,” Fong said. 

He said some of the companies that had been affected included an entertainment outlet, maid agency and an investment firm. 

The cyber attack, which started over the weekend, had taken businesses by surprise and could cost billions in losses globally. 

WannaCry Ransomware cyber attacks had halted manufacturing lines, disrupted rail control system and rushed thousands of IT experts globally to install fixes in computer systems. 

It encrypts data files and asks users to pay a US$300 (RM1,296) ransom in bitcoins to access the computer again. 

The ransom note indicates the payment amount will be doubled after three days. If payment is not made after seven days, the encrypted files will be deleted. 

Fong said the Ransomware had been detected as early as April this year. 

“It is getting worse (day) by day. Sometimes the lack of awareness among users also contributes to this widespread attack,” he said, adding that the use of pirated and unpatched software made PCs more vulnerable to the cyber attacks. 

“Always be careful when opening any email attachment,” he said. 

CyberSecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab confirmed yesterday that the agency had received two official reports related to the WannaCry Ransomware attack. 

“We urge the public (organisations and individual users) to report any type of Ransomware attacks to CyberSecurity Malaysia by contacting our Cyber999 help service,” Amirudin said in a statement. 

The Association of Banks in Malaysia (ABM), meanwhile, have dismissed allegations circulating on the social media that there was a disruption of online/Internet banking and automated teller machine (ATM) services due to the Ransomware. 

“Our member banks that offer online/Internet banking and ATM services have confirmed that these services are operating as usual,” ABM said in a statement. 

It said some ATMs may experience occasional down-time during this period due to normal maintenance issues. 

“We would like to add that the commercial banking industry takes a very serious view of cybersecurity matters and has always been vigilant in managing risks relating to the same,” it added.