Vietnamese businesses begin to feel impact of WannaCry ransomware Around 800 personal computers and web servers in Vietnam had fallen victim to WannaCry ransomware as of Tuesday afternoon, local cyber security firm CMC Infosec said the same day.   A cartoon illustrating ransomware attacks on computer data. Tuoi Tre According to CMC Infosec, most infected devices are located in Hanoi, Ho Chi Minh City and Da Nang, as well as in their neighboring provinces. In Ho Chi Minh City, ransomware had attacked around 200 devices, mostly web servers, the company said. “Victims of WannaCry in Vietnam are mostly small and medium enterprises (SMEs) with underdeveloped security alert systems that use pirated versions of Microsoft Windows operating systems,” a CMC Infosec representative said. “Domain providers, data systems and companies with frequent data sharing and storage activities are among the prime targets.” WannaCry is a ransomware computer virus that targets the Microsoft Windows operating system. A global attack was launched last Friday, targeting a huge number of computer systems around the world by encrypting data stored on computers to demand money. Earlier reports by Bkav, a leading Vietnamese cyber security firm, suggested that up to 52 percent of computers in Vietnam were susceptible to the EternalBlue vulnerability found in Windows operating systems. According to Athena Cyber Security Training Center, a number of Vietnamese firms based in Binh Duong, Dong Nai and Ho Chi Minh City have suffered severe damage through ransomware attacks. “Accounting data, payables and customers information are encrypted in order to demand ransom money worth dozens of bitcoins, which are the equivalent of tens of thousands of US dollars,” said Vo Do Thang, director of the Athena Cyber Security Training Center. “Reports of WannaCry ransomware attacks began coming in on Monday morning,” Nguyen Minh Duc, director of Cyradar smart cyber security system, told Tuoi Tre (Youth) newspaper on Tuesday. Duc said the most serious attack to his knowledge had been on two data servers of a business which housed over 1,000 devices. “Their entire database on these servers had been encrypted,” Duc said. “Even backup files were lost, since they are also stored on the servers. The company has been forced to halt their operations due to the attack.” A real estate dealer based in Ho Chi Minh City said it had also fallen victim to the WannaCry ransomware and is threatening to sabotage their entire operation. “We are trying to save whatever data we can,” said Q., an employee at the company. “Our operations are in grave danger if the data cannot be saved. It’s no joke!” Another trading firm in Ho Chi Minh City has also been asked to pay VND400 million (US$17,000) to recover data encrypted by the ransomware. “It’s a type of ransomware, but it’s not WannaCry,” said C., the company’s CEO.   A ransom email sent to a company in Vietnam whose data have been encrypted by a ransomware. Photo: Tuoi Tre Through a cyber firm in Ho Chi Minh City, C. was able to make contact with a group of hackers from India who claimed they could decrypt the data for 12 bitcoins, or around $17,000. However, C. said the hackers suddenly terminated all contact before they could receive the sum, so the company’s data remains encrypted. The administration of Ho Chi Minh City has called for all units to take measures to mitigate the damage done by WannaCry ransomware attacks. According to Ho Chi Minh City’s Department of Information and Communications, no administrative body in the city had been attacked by ransomware as of Tuesday afternoon. TUOI TRE NEWS