LINE

Text:AAAPrint
Sci-tech

Cyber sleuths: Ransom virus under control

1
2017-05-18 09:20China Daily Editor: Feng Shuang ECNS App Download

WannaCry, a strain of Windows ransomware that posed severe security threats to China's universities and energy corporations, is under control as the number of computers under attack dropped significantly, China's top cybersecurity emergency response center said.

The number of computers in China under attack from the ransomware had dropped Monday to Tuesday to 213,000 per hour on average from more than twice that - 520,000 per hour - from Saturday to Sunday, according to data released by the National Computer Network Emergency Response Technical Team/Coordination Center of China on Wednesday.

"The drop is mainly because users of Windows operating systems have begun to install patches developed by Microsoft after the global attack over the weekend," said Zhang Shuai, an engineer from the center. "But the risk remains high."

Gas stations run by China National Petroleum Corp in several cities could not carry out card and mobile payment transactions on Saturday because the computers were affected by the ransomware, the company said. Schools in China also were hit hard over the weekend.

Via a security loophole in Windows, the virus blocks users from accessing their own files. It encrypts the data and system files on the computer, which the user can then access only by paying $300 via the anonymous online bitcoin currency within seven days.

Zhang said Microsoft released patches to prevent such attacks in March and April. "Computers under attack are those that haven't updated their systems on time."

Tests by researchers show that an unpatched computer that was connected to the internet could be infected in a matter of minutes. WannaCry targets files that are important to the users, such as Word documents, pictures and videos, Zhang said.

"It is almost impossible to fully recover the files once they are locked by WannaCry," Zhang said.

WannaCry also can easily penetrate to computers linked to corporations via an intranet because it spreads through e-mail as well as by computers connected via a network. Many computers that connect by an intranet need to be updated manually instead of automatically, which is why many businesses and universities were affected, he added.

More than 52,000 IP addresses around the world launched WannaCry attacks by 7 am Tuesday and 26,000 were from the Chinese mainland, the center said.

An architecture professor at a university in Beijing said his computer was attacked by WannaCry on Sunday.

"I thought it was a practical joke from my students at the beginning, until I heard the news," said the professor, who declined to be named. "Many of my blueprints have been locked. I'm planning to pay the ransom to save years of my hard work."

It still was not clear who will receive the ransom in the end. Zhang, from the emergency response center, said it would take international efforts to track down the perpetrators.

  

Related news

MorePhoto

Most popular in 24h

MoreTop news

MoreVideo

News
Politics
Business
Society
Culture
Military
Sci-tech
Entertainment
Sports
Odd
Features
Biz
Economy
Travel
Travel News
Travel Types
Events
Food
Hotel
Bar & Club
Architecture
Gallery
Photo
CNS Photo
Video
Video
Learning Chinese
Learn About China
Social Chinese
Business Chinese
Buzz Words
Bilingual
Resources
ECNS Wire
Special Coverage
Infographics
Voices
LINE
Back to top Links | About Us | Jobs | Contact Us | Privacy Policy
Copyright ©1999-2018 Chinanews.com. All rights reserved.
Reproduction in whole or in part without permission is prohibited.