WANNACRY RANSOMWARE HITS TAIPOWER AND HOSPITAL|勒索病毒全球肆虐 週一上班日續蔓延

Despite Microsoft's attempt to issue a patch to close the loophole, reports of attacks continued as companies returned to work on Monday. Bad news is that currently there is no known way to recover files from an affected system, you can only prevent the loss by backing up files as frequently as possible. Besides the En Chu Kong Hospital in New Taipei, Taipower is also believed that its 700 computers have been hit; Luckily, power generation and supply units were not affected. Europol estimates that the Wannacry ransomware has now spread to over 200,000 computer systems in 100,000 organizations across 150 countries. Reports of attacks continued as the work week began. Though Microsoft issued a patch for the security vulnerability this March, many agencies and individuals had been slow to install it until the attacks. Tax filing services were delayed at one tax office in order to update the systems. ==LIN CHI-CHIH Dir., Chiayi City Branch, Nat'l. Southern Area Tax Bureau == To inspect the systems with utmost caution, and upgrade all the software, we had to delay our services. We were not attacked. Taipower was a victim. The administrative computer system was attacked on the 13th, with preliminary estimates suggesting that 770 computers were infected. ==LIN TEH-FU Taipower Spokesperson== The power supply and dispatch system remains secure. However, we did discover that some administrative systems may have been attacked. This so-called ransomware encrypts all files on an infected computer, with a payment demanded in exchange for the decryption key. Prevention is currently the only defense. ==LIAO CHIH-MING Dir., TWCERT/CC== If you have been effected, there is essentially no solution right now. But if you turn on your computer and discover that you may have been infected, you must shut down the computer immediately. This will prevent the encryption from continuing on your hard drive. Experts said that victims are not assured of recovering the files even if they pay the ransom, and will only further enable the hackers. They also said that mutated versions of the software have been found. ==MAO CHING-HAO Sec. Chief, Cybersecurity Research Institute, III== Malicious software can mutate, and everyone must also be on the lookout for the next one. Operating system vulnerabilities will always be there, so you must be aware. An international organization has discovered 3 major bitcoin flows that may be related to this attack, totally about US$20,000 in value. However, as the transactions are not yet complete, the suspects still cannot be identified. Translated by JOHN CHEN 上週五晚間開始，勒索病毒在全球肆虐，今天上班日，雖然微軟已公佈漏洞修補方式，但災情仍不斷傳出，除了三峽恩主公醫院，台電也傳出，七百多台行政作業電腦中毒，所幸不影響電廠機組供電。專家指出，這款病毒只能預防，萬一中毒，恐怕補救不了，另外要特別提高警覺的是，病毒傳出已經變種。 讓人想哭的wannacry勒索病毒，歐洲警政署預估，至少入侵全球150個國家，超過十萬個機構、20萬台電腦受害，週一上班日，災情也繼續蔓延，微軟雖然在今年3月，就公佈修補漏洞程式，但多數機關個人疏於防範，一早上班趕緊修補，南區國稅局因此造成延誤報稅作業。 ==南區國稅局嘉義市分局 局長 林啟智== 為了慎重進行全面的檢測 把所有的程式都更新 所以才有這個延誤 並沒有被入侵 台電也傳出災情，大林電廠的行政電腦在13號遭到攻擊，粗估有770台電腦疑似感染病毒。 ==台電發言人 林德福== 在供電調度這方面是安全的 那我們的確有發現一些行政電腦 有疑似感染的現象 這波勒索病毒，藉由病毒散佈鎖死電腦檔案，要求被害者付出贖金來解密，目前只能預防。 ==台灣電腦網路危機處理暨協調中心 主任 廖志明== 你已經中毒的話 目前基本上 比較沒有一個解決的方式 但是如果你發覺 一打開電腦的時候 如果發覺可能中毒的現象 你要立刻關機 因為立刻關機之後 可以保護你的硬碟資料 不會被繼續加密 專家呼籲受害民眾，擔心檔案無法恢復選擇交付贖金，不見得可以拿回檔案，反而會讓駭客變本加厲，而且變種病毒已經出現。 ==資策會資安所組長 毛敬豪== 惡意程式會變種 而且可能還是要防範下一次 因為作業系統漏洞一直層出不窮 所以還是要提高警覺 國際上有組織追查發現，目前有3個與這次勒索病毒有關的比特幣流向，約共有2萬美元的贖金，由於比特幣尚未轉移，嫌犯的身分還無法追蹤。 記者 陳姝君 張梓嘉 台北報導