x

Abu Dhabi, UAESunday 16 December 2018

UAE on high alert over WannaCry attack

The Telecommunications Regulatory Authority says e-government services are unaffected by bug that preys on older computers running Microsoft Windows.

UAE companies and government agencies have been urged to be on the alert in the wake of one of the world’s largest ever cyber attacks, which has affected computer systems in around 100 countries, even as the Middle East has so far remained relatively unaffected.

Malware under the name of WannaCry began spreading to European computer systems on Friday evening, encrypting users’ personal data and demanding payment of between US$300-$600.

More than 75,000 systems in 99 countries have been affected so far.

The UK’s National Health Service was an early target of the attacks, together with several Russian banks and Spanish telecoms operator Telefonica.

Turkey’s Information and Communication Technologies Authority said that its cyber security centre was working to contain the spread of the virus in the country.

“So far we have not received any e-government services cases that are affected by the virus,” said the Computer Emergency Response Team of the UAE’s Telecommunications Regulatory Authority (TRA) in a statement on state news agency Wam.

However, analysts from Kaspersky Labs produced analysis suggesting that the malware had infected computers in the UAE, Saudi Arabia, Egypt and Jordan, giving no further details as to which organisations had been affected.

“Right now our company hasn’t been alerted to any specific problems in the UAE,” said Eddie Schwartz, the executive vice president of cyber services at DarkMatter, an Abu Dhabi-based cyber security firm.

“As part of our day-to-day work we’re undertaking a few active investigations as part of our instant response team.”

WannaCry is believed by security experts to be based on a bug found by the US National Security Agency, named “Eternal Blue”, which can be used to exploit computers running Microsoft Windows.

Details of the bug exploit were leaked by hacking group Shadow Brokers last month, prompting security experts to predict that cyber criminals would use the exploit to create malware.

While Microsoft promptly issued an update to Windows to fix the vulnerability, older computers that had not installed the update remained vulnerable to attack.

“I can’t even imagine the extent of the damage in Mena due to Windows XP dependence,” said Matthieu Suiche, founder of the UAE-based cyber security company Comae Technologies, in a post on Twitter.

Mr Suiche told The National that “mature” organisations running old operating systems that weren’t regularly patched were especially vulnerable.

Microsoft on Saturday issued several further security updates to older and unsupported versions of Windows, including Windows XP and Windows 8.

“We started reaching out to clients on Friday evening to make sure they had the right systems updates in place and were generally prepared,” said the owner of an Abu Dhabi-based IT consultancy, who asked not to be named.

“None of our clients have reported anything so far, but you feel as if it’s a matter of time before we hear about infections, because [the virus] gets hold of everyone’s emails and spreads itself that way.”

The TRA warned users to be alert to threats, urging them “not to open links and files that may reach them from unknown sources, trying to deceive them to download them and then penetrate their devices”.

Saudi Arabia’s National Cyber Security Centre on Saturday urged users to shut down certain network ports, and to install the relevant security patch for Microsoft.

jeverington@thenational.ae

Follow The National’s Business section on Twitter