Chinese colleges hit in global malware infection
TECH & SCI
By Yao Nian

2017-05-13 21:00 GMT+8

1088km to Beijing

By CGTN's Zhao Lingfeng‍
A global cyber-attack, using tools believed to have been developed by the National Security Agency in the US, has affected tens of thousands of computers in around 100 countries. In China, the victims were mainly PCs hooked up to college campus networks.
Map of attacked locations globally, produced by MalwareTech.com. /CGTN Photo
“Since 8 p.m. Friday, we received reports from students that their computers had been infected with the virus and that some of their files were encrypted,” said Jiang Kaida, the director at the Information Security Office of Shanghai Jiao Tong University. 
Ransomware “Wanna Cry.” /CGTN Photo
A Chinese version of the ransomware. /CGTN Photo
The ransomware "WannaCry" locks down all files on an infected computer. A window pops up, demanding the user pay a fee to regain control of their machine. The initial ransom is 300 US dollars worth of Bitcoin. The ransom goes up every few hours and when the time elapses, all the user's files are deleted.
Initial ransom: Bitcoin worth 300 US dollars. /CGTN Photo
It's being spread by taking advantage of a vulnerability in the Windows operating system, which Jiang says Microsoft released a patch for as early as this March. If users patched the vulnerability in time, they shouldn't be affected by this attack.
College students are considered among the most vulnerable - with graduation season approaching, many of them are working on their theses. So far over a dozen colleges in China have issued an alert to their faculties and students, asking them to get their Windows systems up to date as soon as possible. 
The ransom goes up every few hours, until time elapses and all files are deleted. /CGTN Photo
Li Jianhua, the dean of the School of Cyber Security at Shanghai Jiao Tong University, says those who haven't updated yet are at risk, and individual users should fortify their firewalls and anti-virus software settings as soon as possible.
But for those whose computers are already infected, the encryption of the ransomware is too advanced. Individual users would not be able to recover their files without paying the ransom, according to Li. He also suggests frequent system back-ups onto an external hard-drive and patching the system when an update becomes available.
1088km

READ MORE