Emergency teams help firms combat ransomware as nationwide alert urges vigilance.
TWO hundred computers in Thailand were hit by the global ransomware attack but all had been fixed and could be used normally again, an official from a computer emergency response team said yesterday.
Surangkana Wayuparb, chief executive officer of the Electronic Transactions Development Agency (ETDA) and head of the Thailand Computer Emergency Response Team (ThaiCERT), said owners of the 200 computers infected by the WannaCry bug had not paid ransoms demanded to decode data encrypted by the hackers.
The basic problem on all the infected computers had been fixed and all were functioning normally after technicians followed the advice provided by ThaiCERT, she said, without elaborating on details.
On Sunday, Europol revealed that the WannaCry ransomware had affected 200,000 victims in 150 countries and described the cyberattack as “unprecedented”.
Pol Maj-General Siripong Timula, commander of the IT Support Division at the Office of Information and Communication Technology, advised people hit by WannaCry to not pay the ransoms demanded but instead collect evidence and file a complaint with the Technology Crime Suppression Division (TCSD).
Prime Minister Prayut Chan-o-cha said yesterday government agencies had not been affected by the malware but a few big companies had.
Following the reported cyberattack, Prayut said a lack of control could be dangerous.
“It’s necessary that we keep things under control but I don’t mean that we are going to restrict people’s access to information,” he said. He also ordered all government agencies to be vigilant about the cyberattack, check for loopholes, update cybersecurity tools and educate officials.
The Bank of Thailand has been alerted to watch for signs of WannaCry infections but there were not any reports yesterday that bank computers in Thailand had been affected.
Surangkana said as a long-term strategy, the ETDA would prepare computer users to deal with cyber threats. This year, the agency will spend Bt400 million to help ThaiCERT develop skills and technology to deal with cybersecurity issues.
She said a cybersecurity bill was being debated by the National Reform Steering Assembly, but in her view the bill was not as important as training skilled IT workers who could deal with cyber threats.
Somsak Khaosuwan, deputy permanent secretary of the Ministry of Digital Economy and Society, said if government computers were infected, the ministry would advise them to immediately shut down their systems and alert ThaiCERT.
State agencies had already backed up information on computer systems, so problems should not affect services if government computers become infected, Somsak said.
Organisations with infected computers can contact the Online Complaint Centre on 1212 or directly inform ThaiCERT at 02-123-1212, which is taking calls 24 hours a day.
Meanwhile, Twitter users shared photos on Sunday showing two digital advertising boards infected with the ransomware, which displayed a message from the hackers instead of the normal advertisements as Bangkok traffic passed by, the Thaivisa website reported.
One photo, shared by Twitter user ALiCE6TY9 on Saturday, showed one infected ad board located on Wireless Road. There were also reports of another board infected in the Vibhavadi area in northern Bangkok.
Meanwhile, Chanwit Kaewkasi, a lecturer at the Computer Engineering Department at the Suranaree University of Technology in Nakhon Ratchasim province, yesterday demonstrated the Block Wannacry program, which was developed by university lecturers to protect computers from the malware.
The program is now available for free download with more than 1 million visits at the host webpage and tens of thousands of downloads.
Royal Thai Police deputy spokesman Colonel Krisana Pattanacharoen said national police chief Pol General Chakthip Chaijinda had ordered agencies to be careful in downloading data from the Internet and vigilant in safeguarding data on government PCs as the ransomware spread.
Interpol had warned Thai police about the attack and also urged vigilance but so far police systems had not been affected, he said.
Meanwhile, a Microsoft spokesperson released a statement that said people who installed free anti-virus software or Windows updates would be protected.
Given the serious potential impact on Microsoft customers and their businesses, the company has released updates for Windows XP, Windows 8 and Windows Server 2003.
Republished with permission from The Nation