30 Jun 2017

Be vigilant against the NotPetya ransomware because it could render infected machines unusable, the Govern­ment warns.

The National Security Council (NSC) and CyberSecurity Malaysia (CSM) issued statements to inform Malaysians about the severity of the outbreak, assuring the public that they are monitoring the situation.

CSM CEO Datuk Dr Amirudin Abdul Wahab said the agency has a technical team on standby to exchange information with other computer emergency response teams around the world.

“We have issued an alert specifically on this incident, and suggest that system administrators refer to our alerts and updates through our portal,” Dr Amirudin said in a statement.

This came about a month after another ransomware – WannaCry – held the cyberworld hostage.

According to NSC’s National Cyber Coordination and Command Centre (NC4), several sectors in 13 countries, including the government, energy, transportation, communication, healthcare and banking sectors, have been infected since Tuesday.

The countries are Ukraine, Rus­sia, Britain, the Netherlands, Spain, France, Italy, Denmark, Poland, Norway, the United States, India and Australia.

NSC said NotPetya is a modified strain of the Petya malware, and is capable of encrypting a computer and holding it to “ransom”.

To regain access to their compu­ters, victims must make payment via Bitcoin to an e-mail address un­­der German service provider Posteo.

NSC warned victims not to pay the ransom as Posteo has blocked the e-mail.

It also warned Critical National Information Infrastructure agencies in Malaysia to follow its advisory and take protective measures.

CSM’s Computer Emergency Response Team (MyCERT) portal published an advisory late yesterday afternoon explaining that the ransomware exploits a vulnerability in Microsoft Windows.

It urged users to plug the vulnerability with Microsoft’s MS17-010 patch, which was rolled out in March this year.

The advisory also recommended users disable Psexec and the Windows Management instrumentation – both Windows components NotPetya exploits to infect other computers on the same network.

MyCERT statistics show there were 1.13 million malware infections in Malaysia last year.

As at April this year, the figure stood at 331,165.

“In view of the numerous cyberattacks and (potential) online incidents, Internet users must equip themselves with cybersecurity knowledge.

“They have to take cyberattacks and online incidents as new challenges … and use technology positively,” said Dr Amirudin.

An agency under the Science, Technology and Innovation Ministry, CSM is the national cybersecurity specialist providing technical assistance and training services for national cyber crisis management.

Source: The Star