While the world is bracing for more disruptions caused by the WannaCry ransomware cyberattack as the workweek starts on Monday, multiple reports of devices being infected are coming in from various parts of Asia.
China's Xinhua News Agency reported that thousands of devices in as many as 29,372 institutions have been infected by the ransomware attack, which created a global mayhem on Friday spreading to nearly 100 countries in no time. According to the agency, the cyberattack targeted 4,341 universities and educational institutions, and about 15 percent of internet protocol addresses stand hacked till date.
Meanwhile in Hong Kong, the ransomware reportedly affected devices belonging to three individuals, who had not installed the latest security updates on their Windows 7 operating system, and were directly connected to the internet.
The global ransomware cyberattack also hit some units of Japan's Nissan Motor Co., which said on Monday that the attack didn't have a major impact on its business.
Hitachi also reported instances of email delays and file delivery failures. Although no ransom was being demanded, the company suspected the WannaCry ransomware cyberattack of causing the disturbances.
According to local broadcaster Nippon Television Network, 600 companies and 2,000 computers in Japan had been infected by the ransomware, which has now reportedly spread to over 150 countries.
In Indonesia, the ransomware hit computers in at least two hospitals, prompting the Indonesian government to urge businesses to update computer security. The malware reportedly locked patient files on computers in the two affected hospitals in Jakarta on the weekend, forcing patients to wait several hours to get queue numbers.
The WannaCry ransomware also caused major disruptions in India as well. On Sunday, the Maharashtra police department said it was partially hit by the cyberattack.
The Computer Emergency Response Team of India (CERT-In), a nodal government agency that deals with cybersecurity threats like hacking and phishing, issued a red-coloured critical alert on Saturday to help internet users better protect against the WannaCry ransomware.
It has been reported that a new ransomware named as "Wannacry" is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named as ETERNALBLUE.
The ransomware called WannaCrypt or WannaCry encrypts the computer's hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails.
In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.
The alert was followed by the Gujarat government's effort to equip state computer systems with anti-virus software tools and upgrade its Microsoft operating systems.
On Monday, CERT-In also published a YouTube webcast on "Prevention of WannaCry Ransomware Threat."
The WannaCry ransomware is believed to have originated from cyberweapons developed by the US National Security Agency (NSA). The malware was reportedly released on April 14 by a hacker group called Shadow Brokers, which claimed last year to have stolen a cache of "cyber weapons" from the federal agency.
A 22-year-old security researcher later said he spotted a kill switch that could prevent the malware from spreading. However, the researcher also warned that "people need to patch ASAP or risk being re-infected" as the attackers could be back with a second version of the ransomware.