Internet Users in S Korea: Beware of Ransomware

ké radar

Ransomware, an international cyber-attack that started last Friday, hit South Korea over the weekend. Moviegoers in CJ CGV, the country’s biggest multiplex cinema chain, reported seeing screens infected by the virus. As a preventative measure, the city of Incheon shut down the internet for 1,400 personal computers, in order to install an updated security program.

“Ransomware at CGV. Really?”

Last Friday, ransomware first attacked the National Health Service in the UK, ransacking hospital networks and creating a tech blackout. 

Ransomware is essentially a program that holds data hostage. It encrypts the user’s data and demands money in return for a decryption key. WannaCry, a form of ransomware with links apparently to North Korea, has affected over 10,000 organizations and 200,000 individuals in at least 150 countries. The malware acts like a worm, infecting other computers in the same network — which is why many businesses, governments and hospitals have been affected. 

So far, it’s hard to know how widespread the infection is in South Korea. The state-run Korea Internet and Security Agency (KISA) says ten organizations have been infected. KISA only keeps track of organizations and does not know how many personal computers were affected. AhnLab, another internet security company founded by presidential runner Ahn Cheol-soo, estimated that around 190 personal computers have been affected as of May 15.

The estimated amount of damage in South Korea as of May 15. (Source: NSHC Red Alert)

NSHC, a South Korea-based security consulting company founded by a group of underground hackers, is keeping track of the five bitcoin accounts that allegedly send money back to the malware creators. The total damage in South Korea has so far exceeded 70 million Korean won (over 60,000 U.S. dollars).

“The governments of the world should treat this attack as a wake-up call,” said Brad Smith, president and chief legal officer of Microsoft. “We need the tech sector, customers, and governments to work together to protect against cyber security attacks.”

This is not the first time South Korea has been affected by ransomware. RanCERT, an agency in South Korea that monitors ransomware infections, reported that approximately 130,000 cases were reported last year, costing around 300 billion won (around 270 million dollars).

KISA and the Ministry of Science, ICT and Future Planning are urging people to update their PC security program, as well as to file an immediate report upon infection. 

“There’s currently no way to retrieve the encrypted files [without paying the hackers],” Yoon Gwang-taek, CTO of Symantec Korea, told news outlet Digital Daily. “It’s important to back up your files as a preventative measure.”

Users who use MacOS, ChromeOS or Linux don’t have to worry about WannaCry ransomware. Those who use PC, check if your operating system is at risk

 

Cover Image: (Source: Flickr)

Seohoi is a former intern at Korea Exposé and currently an undergrad at Yonsei Underwood International College, where she studies political science and international relations.