Publications
Partners
Cape Town - A cyber security expert has warned people not to open any unknown emails and to urgently update their security software as a global cyber ransom attack spread to South Africa on Saturday.
''We need people to understand that they must not open mail or attachments from senders they do not know,'' said Roi Shaposhnik of Johannesburg-based Gold N’ Links Cyber.
He said his company had seen the attack coming, and was currently helping local clients defend themselves against the attack.
The global courier company FedEx were among the first victims of the attack:
Official comment from FedEx in South Africa was not available, but a call centre operator said: ''We can't even track anything''.
Describing it as the biggest cyber attack in history, Shaposhnik said syndicates around the world targeted a weak spot in Microsoft security updates which lead to a massive crash.
The Guardian online reported that at least 99 countries have been hit, including Spain, Russia and China.
In the UK, patient files at the UK National Health Services were locked and patients could not be treated.
A demand for a ransom to be paid in the cyber crypto-currency Bitcoin was demanded.
Microsoft confirmed the ''painful'' attack by the malicious “WannaCrypt” software, which it said did not affect customers using Windows 10.
''Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers,'' a statement released via Twitter said.
It proved an urgent security update for customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.
It noted that ''phishing'' was a component of the attacks and also urged vigilance when opening documents from untrusted or unknown sources.
Phishing involves an attempt to get private information from users, including their passwords and credit card numbers.
Phillip Misner, Principal Security Group Manager of Microsoft Security Response Center warned that the method of attack may evolve, and the company would provide updates.
He said in March the company released a security update which addresses the ''vulnerability that these attacks are exploiting'', so those who have Windows Update enabled are protected.
Organisations who have not yet applied the security update, should deploy Microsoft Security Bulletin MS17-010.
For customers using Windows Defender, the company released an update which detects this threat.
Shaposhnik added that people should be cautious on social media because it is not uncommon to track Twitter or Facebook posts to tailor an attack on those platforms.
He explained that a posting about a simple thing like a trip to the hairdresser could expose a person to being phished with an enticing offer to redeem a discount voucher at another hairdresser.
Once the link was opened, the attack could start.
He urged Facebook and Twitter users to keep their accounts closed to all but friends they know, and to not open links from unknown sources.
