Back to list

No government computers attacked by Petya ransomware: Cabinet

2017/06/28 20:29:05

File photo

Taipei, June 28 (CNA) The Executive Yuan's Department of Cyber Security said Wednesday that it has not received any reports of government computers being attacked by Petrwrap ransomware that has ravaged mostly government and state enterprise computers in Europe and beyond since Tuesday.

The latest ransomware, initially dubbed Petya, sends social engineering mails to targets. Once the attached file is opened, the virus will immediately spread throughout the computer and encrypt files. The virus will also spread to networked computers.

Petrwrap has reportedly attacked corporate computers in Ukraine, Russia, Denmark, Spain, France, the United Kingdom and India.

"What makes the rapid escalation of Petya both surprising and alarming is its similarity to the recent worldwide WannaCry ransomware crisis, primarily in its use of NSA exploit EternalBlue to spread through networks," according to a WIRED magazine report.

The Cabinet's Department of Cyber Security said it has alerted all government agencies of the latest security threat and has provided a list of do's and dont's to raise government employees' computer safety awareness.

Meanwhile, the department is also working with the Taiwan Computer Emergency Response Team/Coordination Center to inform industries in the private sector of the new cyber security threat and suggest ways of preventing attacks and provide solutions to emergencies.

Last month, when WannaCry attacked, a total of 185 computers in Taiwan were infected by the ransomware, including one in a government unit, according to Chou Mei-wu (周美伍), deputy head of the National Security Bureau (NSB).

The malware infected 116 computers at Taiwan Power Company (Taipower) offices and 68 others in 13 schools, Chou said at a legislative question-and-answer session on May 17.

A computer in the Taichung Employment Services Center was the only one in any government organization to be infected, because it was not covered by a security system established by the Executive Yuan to safeguard government computers from hackers, Chou said, adding that the device has since been repaired.

The Taipower infection did not affect the electricity supply because the infected computers were used mainly for administrative work, according to Chou.

(By Scarlett Chai and S.C. Chang)
ENDITEM/J