SINGAPORE: Singapore’s critical information infrastructure (CII) remained unaffected by the global hacking attacks that affected governments and large organisations elsewhere, the Cyber Security Agency of Singapore (CSA) said on Monday (May 15).
Known as WannaCry, the ransomware exploits known vulnerabilities in old Microsoft operating systems. Cyber security experts cautioned that more machines could be affected by the virus as people around the world returned to work at the start of a new week.
“As of this afternoon, no critical information infrastructure has been affected,” said Dan Yock Hau, director of Singapore’s National Cyber Incident Response Centre, which is a unit of the CSA.
Mr Dan added that the unit would continue to track the situation closely and that it was working with the CII sectors to monitor their state of readiness.
“We are also tracking other sources of intelligence and have reached out to offer assistance to those (cases) that were brought to our attention,” he said.
Electronic signboards in malls like Tiong Bahru Plaza and White Sands and as well as a Desigual outlet at Orchard Central have been hit. Jerry Tng of cyber security firm Ivanti, noted that the signboards likely ran on systems that had not been updated with the latest security patches.
A ransomware message encountered by a Facebook user on a directory screen at Tiong Bahru Plaza on Saturday (May 13).
“There are many unpatched signages and point-of-sales (terminals) running embedded Windows OS,” Mr Tng said, referring to a version of the Microsoft operating system that is designed for use in embedded systems.
Cyber security researchers elsewhere have likewise drawn attention to the difficulty of patching such devices, which could include medical devices such as those used by hospitals in Britain that were affected by last Friday’s cyber attack.
“CSA’s National Cyber Security Monitoring Centre also monitors the developing global situation and track the technical indicators to assess the potential implication to Singapore so that we are able to work on the necessary responses and measures to take,” Mr Dan said on Monday.
He added that the National Cyber Incident Response Centre is working with internet service providers (ISPs) Singtel and StarHub to expand the ways in which they can help those affected.
Singtel and Starhub customers can contact their ISPs if they are affected, said Mr Dan, adding that businesses and members of the public can also refer to SingCERT’s advisory on WannaCry or seek help from SingCERT by contacting singcert@csa.gov.sg or 6323 5052.
