|Photo courtesy of Kaspersky Lab|
The VNCERT, under the Ministry of Information and Communications, has issued warnings as well as offered protection measures to all users to guard against the ransomware and its variations, which target Microsoft Windows - an operating system that is widely used in Việt Nam, especially the outdated Windows XP.
Kaspersky has listed Việt Nam among the top 20 countries most affected by this ransomware; the other countries and territories include Russia, Ukraine, India, Taiwan, and mainland China.
The VNCERT said the ransomware is extremely dangerous as it is capable of stealing information and decrypting the entire system that has been infected.
Once the computer’s data have been encrypted, or ‘locked down’, a message would appear saying that the users’ files are no longer accessible. Should they want to get their data back, users are asked to pay up large sums of money to get a decryption key. The longer the users wait, the higher the ransom money. The hackers behind WannaCry only accept ransom paid via BitCoin, a digital currency that ensures that the transaction cannot be traced back.
WannaCry exploits a Windows vulnerability codenamed EternalBlue, which has been patched by Microsoft in an update deployed on March 14. However, not everyone has installed the patch yet, and those who have not are vulnerable to WannaCry.
The exploitation of EternalBlue, suspected to have been developed using a hacking method leaked from US National Security Agency, allows the malware to spread through file-sharing protocols set up across the internal networks of organisations, many of which criss-cross the globe, according to Financial Times.
WannaCry developers have prepared a Q&A section in various languages, offering infected users localised instructions on how to recover data and how to pay the ransom.
Vũ Ngọc Sơn, deputy head of the anti-malware department of Bkav Corporation, the largest internet security firm in Việt Nam, said that the WannaCry ransomware’s behaviour is “not new”, but he believes that the use of this ransomware will not really ease up as “it can directly earn large profits for hackers”.
Bkav recommends that all computer users immediately install updates and security patches and hotfixes via Windows Update. Users are also advised to back up valuable data regularly.
Currently, an estimated 200,000 victims in 150 different countries are reported to have been hit by the cyberattack.