Beijing, China
Beijing, China

Time filter

Source Type

News Article | May 15, 2017
Site: hosted2.ap.org

Log in, look out: Cyber chaos spreads with workweek's start (AP) — Global cyber chaos was spreading Monday as companies booted up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far. Government agencies said they were unaffected. Companies like Hitachi and Nissan Motor Co. reported problems they said had not seriously affected their business operations. In China, universities and other educational institutions were among the hardest hit, about 15 percent of the internet protocol addresses attacked, according to the official Xinhua News Agency. That may be because schools tend to have old computers and be slow about updates of operating systems and security, said Fang Xingdong, founder of ChinaLabs, an internet strategy think tank. Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected, Xinhua said, citing the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company. Elsewhere in Asia, officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact. The most public damage in South Korea was to cinema chain CJ CGV Co. It was restoring its advertising servers at dozens of theaters after the attack left the company unable to display trailers of upcoming movies. The attack was disrupting computers that run factories, banks, government agencies and transport systems in scores of countries, including Russia, Ukraine, Brazil, Spain, India and Japan, among others. Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp. in the U.S. and French carmaker Renault all reported troubles. Experts were urging organizations and companies to immediately update older Microsoft operating systems, such as Windows XP, with a patch released by Microsoft Corp. to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped. Paying the ransom will not ensure any fix, said Eiichi Moriya, a cyber security expert and professor at Meiji University. "You are dealing with a criminal," he said. "It's like after a robber enters your home. You can change the locks but what has happened cannot be undone. If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return." New variants of the rapidly replicating worm were discovered Sunday and one did not include the so-called kill switch that allowed researchers to interrupt its spread Friday by diverting it to a dead end on the internet. Ryan Kalember, senior vice president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself," Kalember said. The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later. Just one person in an organization who clicked on an infected attachment or bad link, would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response. "That's what makes this more troubling than ransomware was a week ago," Thakur said. The attack has hit more than 200,000 victims across the world since Friday and is seen as an "escalating threat," said Rob Wainwright, the head of Europol, Europe's policing agency. "The numbers are still going up," Wainwright said. Microsoft's top lawyer is laying some of the blame at the feet of the U.S. government. Brad Smith criticized U.S. intelligence agencies, including the CIA and National Security Agency, for "stockpiling" software code that can be used by hackers. Cybersecurity experts say the unknown hackers who launched this weekend's "ransomware" attacks used a vulnerability that was exposed in NSA documents leaked online. It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. So far, not many people have paid the ransom demanded by the malware, Europol spokesman Jan Op Gen Oorth told The Associated Press. Researchers who helped prevent the spread of the malware and cybersecurity firms worked around the clock during the weekend to monitor the situation and install a software patch to block the worm from infecting more computers in corporations across the U.S., Europe and Asia. "Right now, just about every IT department has been working all weekend rolling this out," said Dan Wire, spokesman at Fireeye Security. Installing the Microsoft patch is one way to secure computers against the virus. The other is to disable a type of software that connects computers to printers and faxes, which the virus exploits, O'Leary added. Microsoft distributed a patch two months ago that could have forestalled much of the attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage. AP researcher Yu Bing and news assistant Liu Zheng in Beijing; Youkyung Lee in Seoul and Kelvin Chan in Hong Kong contributed to this report.


News Article | May 15, 2017
Site: hosted2.ap.org

Essential News from The Associated Press A patient takes a nap on her wheelchair as she waits with others at the registration desk at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017. Global cyber chaos was spreading Monday as companies booted up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. (AP Photo/Dita Alangkara) A patient takes a nap on her wheelchair as she waits with others at the registration desk at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017. Global cyber chaos was spreading Monday as companies booted up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. (AP Photo/Dita Alangkara) Patients wait at the registration desks at Dharmais Cancer Hospital in Jakarta, Indonesia, Monday, May 15, 2017. Global cyber chaos was spreading Monday as companies booted up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. (AP Photo/Dita Alangkara) A screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing, Saturday, May 13, 2017. Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users' files for ransom at a multitude of hospitals, companies and government agencies. (AP Photo/Mark Schiefelbein) People walk in front of the headquarters building of Hitachi Ltd., center, in Tokyo, Monday, May 15, 2017. The global "ransomware" cyberattack hit computers at 600 locations in Japan, but appeared to cause no major problems as Japanese started their workday Monday even as the attack caused chaos elsewhere. Hitachi spokeswoman said emails were slow or not getting delivered, and files could not be opened. The company believes the problems are related to the ransomware attack, although no ransom appears to have been demanded so far. They were installing software to fix the problems. (AP Photo/Shizuo Kambayashi) FILE - In this May 11, 2017 file photo, the emblem of a Nissan car is seen at its showroom in Tokyo. Japan has fallen victim of a global "ransomware" cyberattack that has created chaos in 150 countries. Nissan Motor Co. confirmed Monday, May 15, 2017, some units had been targeted, but there was no major impact on its business. (AP Photo/Eugene Hoshiko, File) TOKYO (AP) — The worldwide "ransomware" cyberattack wreaked havoc in hospitals, schools and offices across the globe on Monday. Asia reported thousands of new cases but no large-scale breakdowns as workers started the week by booting up their computers. The full extent of the damage from the cyberattack felt in 150 countries was unclear and could worsen if more malicious variations of the online extortion scheme appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware, the attack was disrupting computers that run factories, banks, government agencies and transport systems in scores of countries, including Russia, Ukraine, Brazil, Spain, India and Japan, among others. Among those hit were Russia's Interior Ministry and companies including Spain's Telefonica and FedEx Corp. in the U.S. Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit group providing support in computer attacks, said 2,000 computers at 600 locations in Japan were reported affected. Companies including Hitachi and Nissan Motor Co. reported problems but said they said had not seriously affected their business operations. Auto manufacturer Renault said one of its plants, which employs 3,500 people in Douai, northern France, wasn't reopening Monday as technicians dealt with the cyberattack's aftermath. The temporary halt in production was a "preventative step," Renault said, giving no details on how badly the plant was affected by the malware. In China, universities and other educational institutions were among the hardest hit, possibly because schools tend to have old computers and be slow to update operating systems and security, said Fang Xingdong, founder of ChinaLabs, an internet strategy think tank. On social media students complained about not being able to access their work, and people in various cities said they hadn't been able to take their driving tests over the weekend because some local traffic police systems were down. Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected, China's Xinhua News Agency said, citing the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company. Elsewhere in Asia, the Indonesian government urged businesses to update computer security after the malware locked patient files on computers in two hospitals in the capital, Jakarta. Patients arriving at Dharmais Cancer Hospital had to wait several hours while staff worked with paper records. Officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact. But the South Korean cinema chain CJ CGV Co. was restoring advertising servers at dozens of theaters after the attack left the company unable to display trailers of upcoming movies. Experts urged organizations and companies to immediately update older Microsoft operating systems, such as Windows XP, with a patch released by Microsoft Corp. to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped. Paying ransom will not ensure any fix, said Eiichi Moriya, a cybersecurity expert and professor at Meiji University. "You are dealing with a criminal," he said. "It's like after a robber enters your home. You can change the locks but what has happened cannot be undone. If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return." New variants of the rapidly replicating worm were discovered Sunday. One did not include the so-called kill switch that allowed researchers to interrupt the malware's spread Friday by diverting it to a dead end on the internet. Ryan Kalember, senior vice president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself," Kalember said. The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later. Just one click on an infected attachment or bad link would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response. "That's what makes this more troubling than ransomware was a week ago," Thakur said. The attack has hit more than 200,000 victims across the world since Friday and is seen as an "escalating threat," said Rob Wainwright, the head of Europol, Europe's policing agency. "The numbers are still going up," Wainwright said. Microsoft's top lawyer is laying some of the blame at the feet of the U.S. government. Brad Smith criticized U.S. intelligence agencies, including the CIA and National Security Agency, for "stockpiling" software code that can be used by hackers. Cybersecurity experts say the unknown hackers who launched this weekend's "ransomware" attacks used a vulnerability that was exposed in NSA documents leaked online. It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. So far, not many people have paid the ransom demanded by the malware, Europol spokesman Jan Op Gen Oorth told The Associated Press. Researchers who helped prevent the spread of the malware and cybersecurity firms worked around the clock over the weekend to monitor the situation and install the software patch. "Right now, just about every IT department has been working all weekend rolling this out," said Dan Wire, spokesman at Fireeye Security. Microsoft distributed the patch two months ago, which could have forestalled much of the attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage. Watt reported from Beijing. AP researcher Yu Bing and news assistant Liu Zheng in Beijing, John Leicester in Paris, Youkyung Lee in Seoul and Kelvin Chan in Hong Kong contributed to this report. Copyright 2017 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


News Article | May 15, 2017
Site: hosted2.ap.org

The Latest: Japan Inc. sees no major impact from ransomware TOKYO (AP) — The latest on the global extortion cyberattack that hit dozens of countries (all times local): The problem with its home page wasn't ransomware after all, Osaka city hall said. The site is now back up but the real cause of the problem is not yet clear, said spokesman Hajime Nishikawa. Kyodo News said one personal computer was affected at one office at East Japan Railway Co., but train services were not affected. A Japanese nonprofit says computers at 600 locations had been hit in the global "ransomware" cyberattack. Nissan Motor Co. confirmed Monday some units had been targeted, but there was no major impact on its business. Hitachi spokeswoman Yuko Tainiuchi said emails were slow or not getting delivered, and files could not be opened. The company believes the problems are related to the ransomware attack, although no ransom is being demanded. They were installing software to fix the problems. The Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an affiliate foreign security organization that it cannot identify. At least one hospital was affected, according to police. The city of Osaka said its home page went blank, although problems had not been detected otherwise. South Korea has been mostly spared from the global cyber chaos that crippled scores of governments and companies in 150 countries. Director Shin Dae Kyu at the state-run Korea Internet & Security Agency who monitors the private sector said Monday that five companies have reported they were targeted by a global "ransomware" cyberattack. While some companies did not report damages to the government, South Korea was yet to see crippling damages, he said. The most public damage was on the country's largest movie chain. CJ CGV Co. was restoring its advertising servers at dozens of its movie theaters after the attack left the company unable to display trailers of upcoming movies. Its movie ticket systems were unaffected. Another government security official said no government systems were affected. Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.


News Article | May 15, 2017
Site: hosted2.ap.org

The Latest: Renault plant closed because of cyberattack (AP) — The latest on the global extortion cyberattack that hit dozens of countries (all times local): In France, auto manufacturer Renault said one of its plants, which employs 3,500 people in Douai, northern France, wasn't reopening Monday as technicians continued to deal with the aftermath of the global cyberattack. The company described the temporary halt in production as a "preventative step." The company gave no details on the degree to which the plant was affected by the malware. Renault said all of its other plants in France were open Monday. The problem with its home page wasn't ransomware after all, Osaka city hall said. The site is now back up but the real cause of the problem is not yet clear, said spokesman Hajime Nishikawa. Kyodo News said one personal computer was affected at one office at East Japan Railway Co., but train services were not affected. A Japanese nonprofit says computers at 600 locations had been hit in the global "ransomware" cyberattack. Nissan Motor Co. confirmed Monday some units had been targeted, but there was no major impact on its business. Hitachi spokeswoman Yuko Tainiuchi said emails were slow or not getting delivered, and files could not be opened. The company believes the problems are related to the ransomware attack, although no ransom is being demanded. They were installing software to fix the problems. The Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an affiliate foreign security organization that it cannot identify. At least one hospital was affected, according to police. The city of Osaka said its home page went blank, although problems had not been detected otherwise. South Korea has been mostly spared from the global cyber chaos that crippled scores of governments and companies in 150 countries. Director Shin Dae Kyu at the state-run Korea Internet & Security Agency who monitors the private sector said Monday that five companies have reported they were targeted by a global "ransomware" cyberattack. While some companies did not report damages to the government, South Korea was yet to see crippling damages, he said. The most public damage was on the country's largest movie chain. CJ CGV Co. was restoring its advertising servers at dozens of its movie theaters after the attack left the company unable to display trailers of upcoming movies. Its movie ticket systems were unaffected. Another government security official said no government systems were affected. Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.


News Article | May 15, 2017
Site: hosted2.ap.org

Log in, look out: Cyber chaos spreads with workweek's start (AP) — Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far. The government found no impact among agencies, though companies like Hitachi and Nissan Motor Co. reported problems that had not seriously affected their business operations. In China, universities and other educational institutions were among the hardest hit, about 15 percent of the internet protocol addresses attacked, according to the official Xinhua News Agency. Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services were affected, the news agency said, citing the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company. Officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact. The attack was disrupting computers that run factories, banks, government agencies and transport systems in Russia, Ukraine, Brazil, Spain, India and Japan, among others. Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp. in the U.S. and French carmaker Renault all reported troubles. Experts were urging organizations and companies to update older Microsoft operating systems immediately to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped. New variants of the rapidly replicating worm were discovered Sunday and one did not include the so-called kill switch that allowed researchers to interrupt its spread Friday by diverting it to a dead end on the internet. Ryan Kalember, senior vice president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch could spread but was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files. "I still expect another to pop up and be fully operational," Kalember said. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself." The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later. Just one person in an organization who clicked on an infected attachment or bad link, would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response. "That's what makes this more troubling than ransomware was a week ago," Thakur said. Gillian Wong reported from Beijing. Youkyung Lee in Seoul contributed to this report.


News Article | May 15, 2017
Site: hosted2.ap.org

Log in, look out: Cyber chaos spreads with workweek's start (AP) — Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.


News Article | May 15, 2017
Site: hosted2.ap.org

The Latest: Japan Inc. sees no major impact from ransomware (AP) — The latest on the global extortion cyberattack that hit dozens of countries (all times local): A Japanese nonprofit says has computers at 600 locations had been hit in the global "ransomware" cyberattack. Nissan Motor Co. confirmed Monday some units had been targeted, but there was no major impact on its business. Hitachi spokeswoman Yuko Tainiuchi said emails were slow or not getting delivered, and files could not be opened. The company believes the problems are related to the ransomware attack, although no ransom is being demanded. They were installing software to fix the problems. The Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an affiliate foreign security organization that it cannot identify. At least one hospital was affected, according to police. The city of Osaka said its home page went blank, although problems had not been detected otherwise. South Korea has been mostly spared from the global cyber chaos that crippled scores of governments and companies in 150 countries. Director Shin Dae Kyu at the state-run Korea Internet & Security Agency who monitors the private sector said Monday that five companies have reported they were targeted by a global "ransomware" cyberattack. While some companies did not report damages to the government, South Korea was yet to see crippling damages, he said. The most public damage was on the country's largest movie chain. CJ CGV Co. was restoring its advertising servers at dozens of its movie theaters after the attack left the company unable to display trailers of upcoming movies. Its movie ticket systems were unaffected. Another government security official said no government systems were affected. Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.


News Article | May 15, 2017
Site: hosted2.ap.org

(AP) — The worldwide "ransomware" cyberattack wreaked havoc in hospitals, schools and offices across the globe on Monday. Asia reported thousands of new cases but no large-scale breakdowns as workers started the week by booting up their computers. The full extent of the damage from the cyberattack felt in 150 countries was unclear and could worsen if more malicious variations of the online extortion scheme appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware, the attack was disrupting computers that run factories, banks, government agencies and transport systems in scores of countries, including Russia, Ukraine, Brazil, Spain, India and Japan, among others. Among those hit were Russia's Interior Ministry and companies including Spain's Telefonica and FedEx Corp. in the U.S. Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit group providing support in computer attacks, said 2,000 computers at 600 locations in Japan were reported affected. Companies including Hitachi and Nissan Motor Co. reported problems but said they said had not seriously affected their business operations. Auto manufacturer Renault said one of its plants, which employs 3,500 people in Douai, northern France, wasn't reopening Monday as technicians dealt with the cyberattack's aftermath. The temporary halt in production was a "preventative step," Renault said, giving no details on how badly the plant was affected by the malware. In China, universities and other educational institutions were among the hardest hit, possibly because schools tend to have old computers and be slow to update operating systems and security, said Fang Xingdong, founder of ChinaLabs, an internet strategy think tank. Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services also were affected, China's Xinhua News Agency said, citing the Threat Intelligence Center of Qihoo 360, a Chinese internet security services company. Elsewhere in Asia, the Indonesian government urged businesses to update computer security after the malware locked patient files on computers in two hospitals in the capital, Jakarta. Patients arriving at Dharmais Cancer Hospital had to wait several hours while staff worked with paper records. Officials in Japan and South Korea said they believed security updates had helped ward off the worst of the impact. But the South Korean cinema chain CJ CGV Co. was restoring advertising servers at dozens of theaters after the attack left the company unable to display trailers of upcoming movies. Experts urged organizations and companies to immediately update older Microsoft operating systems, such as Windows XP, with a patch released by Microsoft Corp. to limit vulnerability to a more powerful version of the malware — or to future versions that can't be stopped. Paying ransom will not ensure any fix, said Eiichi Moriya, a cybersecurity expert and professor at Meiji University. "You are dealing with a criminal," he said. "It's like after a robber enters your home. You can change the locks but what has happened cannot be undone. If someone kidnaps your child, you may pay your ransom but there is no guarantee your child will return." New variants of the rapidly replicating worm were discovered Sunday. One did not include the so-called kill switch that allowed researchers to interrupt the malware's spread Friday by diverting it to a dead end on the internet. Ryan Kalember, senior vice president at Proofpoint Inc. which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up. "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself," Kalember said. The attack held users hostage by freezing their computers, popping up a red screen with the words, "Oops, your files have been encrypted!" and demanding money through online bitcoin payment — $300 at first, rising to $600 before it destroys files hours later. Just one click on an infected attachment or bad link would lead to all computers in a network becoming infected, said Vikram Thakur, technical director of Symantec Security Response. "That's what makes this more troubling than ransomware was a week ago," Thakur said. The attack has hit more than 200,000 victims across the world since Friday and is seen as an "escalating threat," said Rob Wainwright, the head of Europol, Europe's policing agency. "The numbers are still going up," Wainwright said. Microsoft's top lawyer is laying some of the blame at the feet of the U.S. government. Brad Smith criticized U.S. intelligence agencies, including the CIA and National Security Agency, for "stockpiling" software code that can be used by hackers. Cybersecurity experts say the unknown hackers who launched this weekend's "ransomware" attacks used a vulnerability that was exposed in NSA documents leaked online. It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money. So far, not many people have paid the ransom demanded by the malware, Europol spokesman Jan Op Gen Oorth told The Associated Press. Researchers who helped prevent the spread of the malware and cybersecurity firms worked around the clock over the weekend to monitor the situation and install the software patch. "Right now, just about every IT department has been working all weekend rolling this out," said Dan Wire, spokesman at Fireeye Security. Microsoft distributed the patch two months ago, which could have forestalled much of the attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage. Watt reported from Beijing. AP researcher Yu Bing and news assistant Liu Zheng in Beijing, John Leicester in Paris, Youkyung Lee in Seoul and Kelvin Chan in Hong Kong contributed to this report.


News Article | May 15, 2017
Site: hosted2.ap.org

The Latest: Japan Inc. sees no major impact from ransomware (AP) — The latest on the global extortion cyberattack that hit dozens of countries (all times local): A Japanese nonprofit says computers at 600 locations had been hit in the global "ransomware" cyberattack. Nissan Motor Co. confirmed Monday some units had been targeted, but there was no major impact on its business. Hitachi spokeswoman Yuko Tainiuchi said emails were slow or not getting delivered, and files could not be opened. The company believes the problems are related to the ransomware attack, although no ransom is being demanded. They were installing software to fix the problems. The Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an affiliate foreign security organization that it cannot identify. At least one hospital was affected, according to police. The city of Osaka said its home page went blank, although problems had not been detected otherwise. South Korea has been mostly spared from the global cyber chaos that crippled scores of governments and companies in 150 countries. Director Shin Dae Kyu at the state-run Korea Internet & Security Agency who monitors the private sector said Monday that five companies have reported they were targeted by a global "ransomware" cyberattack. While some companies did not report damages to the government, South Korea was yet to see crippling damages, he said. The most public damage was on the country's largest movie chain. CJ CGV Co. was restoring its advertising servers at dozens of its movie theaters after the attack left the company unable to display trailers of upcoming movies. Its movie ticket systems were unaffected. Another government security official said no government systems were affected. Global cyber chaos is spreading Monday as companies boot up computers at work following the weekend's worldwide "ransomware" cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as "WannaCry," paralyzed computers running Britain's hospital network, Germany's national railway and scores of other companies and government agencies around the world. As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices. The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.


HARRISBURG, Pa., Dec. 8, 2016 /PRNewswire-USNewswire/ -- The Commonwealth Response Coordination Center (CRCC) at PA Emergency Management Agency headquarters outside Harrisburg has activated in response to a significant multi-vehicle accident and road closure on I-90 in Erie County....

Loading Coordination Center collaborators
Loading Coordination Center collaborators