Singapore companies spared the brunt of NotPetya
A new ransomware attack on Tuesday night has wreaked havoc on the IT systems of major organisations across the globe.
Though Singapore seems to have escaped relatively unscathed so far, several companies lost work hours today after telling their staff not to turn on their computers as a precaution.
At least two companies took the precautions after noticing “interference” on some of their IT systems. It is not clear if they had been infected by the ransomware, which has been dubbed NotPetya.
Cyber Security Agency’s (CSA) Singapore Computer Emergency Response Team (SingCert) said on its website that it was alerted to the global spread of NotPetya, which is inspired by WannaCry, and described it as “more dangerous and intrusive” than WannaCry.
The first attacks were reported from Russia and Ukraine, and subsequently spread to the UK, France, Germany, Italy, Poland, US, Australia and India.
The attacks affected at least 2,000 individuals and organisations worldwide, The Guardian reported.
Those affected by NotPetya were told to pay US$300 (S$416) in cryptocurrency per infected computer to unlock their systems. Those who paid failed to get their computers unlocked.
A researcher told the Guardian that the software was “definitely not designed to make money” but “to spread fast and cause damage, (using the) plausibly deniable cover of ‘ransomware’”.
The NotPetya malware is so-called because while it shares code with an earlier ransomware strain called Petya, it is “a new ransomware that has not been seen before”, said security researchers at Kaspersky Lab.
Experts warn that the worst is not over, with systems worldwide still getting infected.
UK media company WPP said in a statement that IT systems at a number of its companies had been affected.
It said they are working to restore disrupted services, and many of their businesses are experiencing no or minimal disruption.
The world’s largest advertising agency did not specify how many WPP companies had been affected, but The New Paper understands that staff at Ogilvy & Mather Group Singapore, Cohn & Wolfe Singapore and Fitch Design Singapore were told not to turn on their office computers.
Some used their own computers or worked from home.
A spokesman for courier company TNT Express said it was experiencing interference with some systems in the TNT network and was taking remedial action.
TNP understands that staff members in its Singapore office received a message on Tuesday night about the attack and were told to unplug their computers.
It is understood that some of them took half a day’s leave on Wednesday.
Law firm DLA Piper Singapore said on its website that it had experienced issues with some systems due to suspected malware, and took down the systems as a “precautionary measure”.
In a joint statement, CSA and SingCert said they had not received any reports on NotPetya infection.
It added: “None of Singapore’s 11 Critical Information Infrastructure (CII) Sectors were affected; our government systems have not been affected.”
“The Singapore Government is closely monitoring the global situation. GovTech has put in place a range of measures which minimises the likelihood of government systems being infected by malware, including ransomware.”
SingCert also advised all computer users and companies to patch their Microsoft Windows computers to ensure their anti-virus software is updated with the latest malware definitions.
“Users should perform file backups and store them offline in case they need to restore their systems following an attack,” it added.