HKCert
Press Centre

HKCERT Security Alert: Watch out for WannaCry Ransomware

Release Date: 13 / 05 / 2017
Last Update: 14 / 05 / 2017

In light of the WannaCry ransomware attacks on computer users across the world including Hong Kong, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council today (13 May 2017) warned that WannaCry was a very vicious malware which would scan for computers with an unpatched Microsoft Windows vulnerability over the Internet and attempt to infect them.

 

HKCERT has issued a security alert today to urge computer users to take the following remedial measures:

  1. Update the Windows system and install the security patch provided in the Microsoft Security Bulletin MS17-010;
  2. Use Firewall to protect the network and do not expose the SMB service in the open network (i.e. close the public access to TCP ports 139 and 445); and
  3. Regularly backup data and keep an offline copy.

HKCERT has been in close contact with Microsoft and learnt that Microsoft has already taken proactive actions against the latest attacks, including:

  1. Releasing a security update earlier in March this year to address the vulnerability that these attacks are exploiting; and
  2. Providing an extra security update for platforms in custom support only, including Windows XP, Windows 8, and Windows Server 2003.
  3. Urging customers to upgrade to Windows 10 as soon as possible to enjoy the most powerful defense. Customers running Windows 10 were not targeted by the attack today, and with the security updates in March, customer data should be well protected.

A spokesperson for Microsoft said users may go to the following website to download the appropriate security update and installation instructions:

 

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

 

For Microsoft’s full response statement, please visit the following link: https://wp.me/p5FsOe-4lu. Users may also contact Microsoft Customer Hotline at tel.: (852) 2388 9600 for assistance.

 

In addition, the public may learn more details about the WannaCry security alert from HKCERT website (https://www.hkcert.org/my_url/en/alert/17051301). For incidents reporting or enquiries, please contact the HKCERT hotline at tel.: (852) 8105 6060, or email: [email protected].