Fear of 'ransomware' attacks spreads in S. Korea

By Park Sae-jin Posted : May 15, 2017, 12:56 Updated : May 15, 2017, 13:21

[Yonhap Photo]


Strange scenes took place at offices in South Korea on Monday morning. Before work, workers crawled under their desks to pull LAN wires from computers to prevent infection with "ransomware", a malicious software which blocks access to data until a ransom is paid.

"Corporates and individuals should be cautious when opening emails from unknown sources," Korea Internet & Security Agency (KISA), a state internet watchdog, issued a warning over the ransomware "WannaCry" which takes over computer control by using the security loophole of the Windows operating system. "Windows OS should be upgraded to Windows 7 or higher version," it said, suggesting the latest security patch should be applied.

The attack by WannaCry, a new form of ransomware, began last Friday in Europe and spread quickly across the world.  In South Korea, eight corporates made inquiries to KISA over the weekend and five of them are receiving technical support. The watchdog speculates damage reports will spike during the week after many computers were turned on for work.

Ransomware attacks are mostly malicious codes hidden in Flash advertisements and web pages. Once activated, the ransomware encrypts files inside computers, leaving them inaccessible by users. The encrypted files can only be decrypted by paying the ransomware developer with cash or Bitcoin, a digital payment system.

WannaCry intrudes computers through ports used for sharing files and data inside separate networks in offices, cafés and public wireless accessing points. If a computer is infected, the malware quickly spreads and duplicates itself inside other computers.

KISA has issued manuals on how to change computer settings to block ports used by WannaCry.

Park Sae-jin = swatchsjp@ajunews.;com 
기사 이미지 확대 보기
닫기