Cyberattacked and blackmailed, businesses 'call for help'

Businesses affected by WannaCry in Vietnam are having to ask for help from experts and even call directly to the leaders of the Department of Information and Communications for help.

“I received a call for support from a private company because it was infected with WannaCry. Immediately, I directed the specialized department to provide timely instructions to help this business handle the situation,” said Mr. Le Quoc Cuong – Deputy Director of the Department of Information and Communications of Ho Chi Minh City during an impromptu discussion on the WannaCry malware infection situation.

The WannaCry attack has affected a number of businesses in Vietnam.

Mr. Cuong added that after the urgent dispatch of the Ho Chi Minh City People's Committee on implementing measures to prevent and overcome incidents caused by the WannaCry malware, the Ho Chi Minh City Department of Information and Communications has sent out warnings to departments, agencies and state-owned enterprises in the city.

However, according to information compiled from many sources, dozens of businesses in Vietnam have become victims of WannaCry. Data from CMC Cyber ​​Security Company shows that about 400 computers in Hanoi and 200 computers in Ho Chi Minh City were infected.

“There are currently no complete statistics on the extent of damage to businesses in Vietnam caused by WannaCry,” said Mr. Ngo Vi Dong – Chairman of the Southern Branch of VNISA Information Security Association.

Mr. Vo Do Thang - Director of Athena Cyber ​​Security Center said that this unit has received more than 30 cases of businesses infected with WannaCry malware in the past few days. These businesses operate mainly in fields such as trade, finance, manufacturing, media... Among them, a television program production unit in Ho Chi Minh City was asked for 7 bitcoin ransom by WannaCry. A factory with a revenue scale of thousands of billions of VND per year in Bien Hoa (Dong Nai) was also infected with this malware, but the IT department is temporarily suspending intervention to wait for instructions from the parent corporation abroad.

A ransom note from WannaCry demanding payment from Vietnamese businesses. Photo: Provided by Athena Center

Contrary to the hackers' wishes, most of the businesses infected with WannaCry in Vietnam have no intention of paying ransom to retrieve data. CMC recorded a company in Hanoi owning 40 servers, with 7 servers willing to pay about 100 million VND to retrieve data. Meanwhile, only one of the more than 30 businesses that Athena is supporting is willing to pay more than 70 million VND to ransom data. This case is an auditing company.

“Most of the companies that contacted me for help with isolation to avoid spreading the virus have little intention of paying the ransom. These units assess the importance of the data themselves. Some feel it is insignificant, so they accept to leave the data on the old hard drive and buy a new one to install,” said Mr. Thang.

Reuters news agency quoted a hotel manager in Hanoi as saying that the hotel was asked for 5 bitcoins as ransom by WannaCry, equivalent to about $9,000. However, this unit also refused to pay and chose to spend $2,000 to temporarily accept reservations and update operational information manually.

Businesses that have not been infected with WannaCry have also begun to take precautions. Mr. Vo Do Thang said that the number of businesses that have not been infected but have called his center for security advice has increased significantly, more than the number that have been infected. Some IT specialists at businesses said they have received orders to back up important data and calculate the possibility of upgrading to Windows 10, Microsoft's latest operating system, which is considered the most secure of all versions.

However, according to experts, Vietnamese businesses are also facing difficulties, many small-scale units use unlicensed Windows operating systems, so they have to turn off updates and patches. In addition, some machines in industries are designed to run only on Windows XP - an old operating system that contains many vulnerabilities. The only luck is that Microsoft has just released an exception to patch Windows XP due to the severity of WannaCry.

“If you are eager to get a patch for Windows XP without knowing the source, you may be infected with the code again. In the case of production devices that are limited by hardware capacity or are designed to run Windows XP, we must use surrounding preventive measures such as upgrading firewalls, using additional specialized anti-virus devices…”, Dr. Vo Van Khang - Vice President of VNISA South warned.

According to Kaspersky statistics, more than 200,000 computers in 150 countries have been damaged by the WannaCry ransomware. About 110 victims have agreed to pay the ransom to the hackers. Among the infected victims are big names such as: FedEx, Renault, Petro China, Walt Disney...

According to VNE