NSC, NC4 monitoring developments of NotPetya ransomware

SOO WERN JUN
Updated

KUALA LUMPUR: The National Security Council (NSC) through the National Cyber Coordination and Command Centre (NC4) is closely monitoring the developments of the NotPetya ransomware that has hit countries globally, in particular, Europe on Tuesday.

In a statement released today, the NSC stated the ransomware is a type of malicious software that restricts access to the computer it infects by encrypting hard drives and overwriting files before demanding Bitcoin payment to recover access.

It exploits computers that use Microsoft Windows software that are not updated with the latest patches.

Ransom money in the form of Bitcoin is demanded from the victim and they can regain access via an email address provided: wowsmith123456@posteo.net.

“However, Posteo, the email service provider has blocked the email account, preventing a victim from retrieving keys sent.

“In this regard, victims are advised not to make any payment,” the statement read.

To date, various sectors and critical services in 13 countries involving government sectors including energy, transport, communications, health, and banking have been infected by the attack.

These countries include Ukraine, Russia, Britain, the Netherlands, Spain, France, Italy, Denmark, Poland, Norway, United States, India and Australia.

While NC4 resources stated there are no significant incidents detected or reported in Malaysia, the country could potentially experience this attack and has issued an alert.

The National Critical Information Infrastructure Agency (CNII) Agency also advised companies and users to take precautionary measures through distributed advisories.

Computer users are advised to update their Windows operating system and anti-virus software, make copies of important files, and not open suspicious emails.

Users can find relevant guidance at www.nc4.gov.my/alert_advisory_public

Meanwhile, Universiti Kebangsaan Malaysia (UKM) Information Technology Centre deputy director Dr Mohd Rosmadi Mokhtar said NotPetya does not spread itself to external networks like WannaCry.

“That is probably the main reason why the rate of infection has since decreased and hopefully, due to that reason, will not reach Malaysia,” he said when contacted.

When asked if this is a political statement, Rosmadi said the ransomware creators could be going for the economics of scale.

“So far there are no parties claiming responsibility for this, that usually happens.

“When you are trying to make any political statements of some sort, it would be at the height of it, which is yesterday and today,” he said.

The attack had first shut down operations in Russia — including one of Russia's biggest oil company — and Ukraine before spreading to computers in Romania, the Netherlands, Norway, France, Spain, and Britain.

In a matter of hours, the attack had gone global, hitting the US and India.

National Security Council, NSC, National Cyber Coordination and Command Centre, NC4, NotPetya, ransomware, Bitcoin, Microsoft Windows

  • Up next
  • Up next
  • Up next
  • Up next

Latest stories