VNCERT issues nationwide order to block the biggest cyber attack in history

The Vietnam Computer Emergency Response Team (VNCERT) has just issued an order requiring the entire country to block connections to the servers controlling the WannaCry malware that is affecting more than 130,000 network systems in more than 100 countries around the world. This is an "unprecedented" global cyber attack.

Official dispatch No. 144/VNCERT-DPUC signed by Mr. Nguyen Khac Lich, Director of VNCERT, on May 13, was sent to the specialized units on IT and information security of the Central Party Office, the Office of the President, the Office of the National Assembly, the Office of the Government; specialized units on IT and information security of Ministries and Branches; Units under the Ministry of Information and Communications; Departments of Information and Communications; Members of the Vietnam Internet incident response network; Corporations, economic groups; Financial and banking organizations; Internet infrastructure enterprises, Telecommunications, Electricity, Aviation, and Transport.

Accordingly, VNCERT requests the Unit's Leaders to direct units under their management to urgently carry out the following tasks to prevent and stop the attack of Ransomware WannaCry (or known by other names such as: WannaCrypt, WanaCrypt0r 2.0, ...) into Vietnam.

This center requires the whole country to monitor and block connections to the servers controlling the WannaCry malware and update the protection systems such as: IDS/IPS, Firewall, ... with identification information about this new type of ransomware, including 33 IP addresses of the servers controlling the malware (C&C Server); 10 files and 22 hash codes (Hash SHA-256). If detected, it is necessary to quickly isolate the detected area/machine;

In addition, VNCERT requests everyone to check and urgently implement the steps previously instructed in Document No. 80/VNCERT-DPUC, dated March 9, 2016 and Document No. 123/VNCERT-DPUC, dated April 24, 2017, download at:

http://www.vncert.gov.vn/baiviet.php?id=24 http://vncert.gov.vn/baiviet.php?id=52 để phòng tránh các cuộc tấn công qui mô lớn và nguy hiểm khác.

The document requires all units to report the situation to the National Incident Response Coordination Center (VNCERT Center) at the email address:[email protected].

According to VNCERT's assessment, this is a very dangerous malware that can steal information and encrypt the entire system server. Along with the announced vulnerabilities, hackers exploiting and attacking will cause many other serious consequences.

According to the latest statistics, Russia and India are the two countries most heavily affected by vulnerabilities in Microsoft's Windows XP operating system, an outdated operating system that no longer receives support from Microsoft but is still widely used.

These cyber attacks come in the form of "extortion", whereby network users will not be able to access data unless they pay hackers a virtual Bitcoin amount worth 300 - 600 USD to be able to recover the necessary data.

List of malware control servers (C&C Server)

List of file names

Hash List (Hash SHA-256)

According to Dantri