HKCert
Press Centre

HKCERT: Watch out for New Ransomware

Release Date: 28 / 06 / 2017
Last Update: 29 / 06 / 2017

In light of the new ransomware attacks on computer users across the world, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council today (28 June 2017) urged the public to be vigilant.

 
Cyber criminals have launched the attacks through phishing email campaigns. An infected computer would try to infect other machines in the local network quietly for up to an hour before rebooting to display the ransom notice. It would attack computers with an unpatched Microsoft Windows vulnerability, first discovered in the WannaCry attacks. Also, machines in the local network that the infected computer has domain administrative rights over would be commanded to install the ransomware.
 
As of 5pm today, HKCERT has not received any local reports of the ransomware. However, it has earlier issued a security alert to urge computer users to take the following remedial and preventive measures:
  1. Apply latest security updates to Windows and other applications;
  2. Minimize the number of users who have domain administrative rights to confine the scope and impacts of attacks, and use normal privilege in daily operation;
  3. Ensure the installation of anti-virus or Internet security application, and its signature updated;
  4. Ensure personal firewall is turned on to block incoming SMB connections;
  5. Regularly backup data and keep an offline copy; and
  6. Do not open links and attachment in any suspicious emails.