Over 1,900 computers in Vietnam reportedly infected with WannaCry ransomware

Wednesday, 2017-05-17 03:55:42
 Font Size:     |        Print
 
 Font Size:     |  

NDO - The ransomware, known as WannaCry, which has wreaked havoc across the world, has infected more than 1,900 computers in Vietnam as of May 16, according to security firm Bkav’s virus monitoring system.

Bkav said that about 1,600 of the affected computers belong to government agencies and businesses while about 300 belong to personal users.

Meanwhile, statistics from CMC Infosec, another security firm, show about 800 personal computers and servers have been infected with the WannaCry ransomware, mainly in major cities, with Hanoi having 400 affected computers and Ho Chi Minh City over 200.

According to CMC, the victims of WannaCry in Vietnam are mostly small and medium-sized enterprises with lax security layers, including those offering server hosting, domain and data services and online business enterprises with high data sharing activity.

CMC security experts said no measures are currently available to restore encrypted data and several enterprises had to pay the ransom to recover their data.

Notably, a Hanoi-based company with seven out of 40 servers infected with WannaCry paid about VND100 million (US$4,400) to have their data decrypted.

The statistics above are only those that have been recorded by internet security companies, the real number of infected machines could be much higher.

Experts said that about 4 million computers, equivalent to 52% of total Windows-based computers in Vietnam, remained susceptible to WannaCry because the patch for a vulnerability exploited by the ransomware is yet to be applied.

According to Bkav, the spreading of the WannaCry ransomware is just the tip of the iceberg because targeted attacks using spyware installed in these 4 million computers would be more dangerous and could potentially affect national security.

Vu Ngoc Son, deputy head of Bkav’s anti-malware division, said this threat is not as visible as ransomware and called for immediate efforts to fix this vulnerability.