A recent cyber attack mainly on hospitals and organisations globally with the malware called – WannaCry ransomware, has also hit Shaukat Khanum Memorial Cancer Hospital and Research Centre, which is known to have the biggest network in healthcare in Pakistan.
Different sources disclosed, that the red alert was started appearing yesterday afternoon on different computers in SKMCH Lahore on startup or even just in the middle of something when they were operating it. Concerned authorities sent emails notifying the doctors and employees about the possible cyber attack and advised to shutdown the systems immediately without performing any actions as requested by the red pop-up.
It’s, however, reported that the hospital only shutdown the systems all across the network while having a few machines remained on to continue providing health services to patients. No further action was reported as taken. Following email was sent to the employees and doctors at SKMCH.
ALERT: Ransomware outbreak “WannaCry”
A global outbreak was reported earlier today on a new ransomware threat called “WannaCry.” Ransomware is a type of malware that is designed to block access to your system and/or information until you pay money (or a “ransom”) to unlock it. This is a very dangerous type of malware, as even if you pay, there is nothing to stop the attacker from doing it again.
Please stay vigilant! If you receive an email that seems suspicious, here are a few reminders:
- Watch for the “[EXTERNAL]” marker in the subject line
- Check where the email is “From” – Do you recognize the sender?
- Do not reply or forward the email to other employees
- Do not click links or open attachments within the email
- Report the email by forwarding it to [[email protected]]
How to tell if you are infected
If you see a pop-up window indicating your company computer has been locked or encrypted, or if you see a pop-up that may look like a legitimate notice saying your computer is infected and asking you to click a link, then your device may have been infected and you need to take immediate action. The pop-up may look something like this:
Take immediate action
- Shut off your computer. If you suspect that your computer has been infected with ransomware, immediately shut off your computer and disconnect from the company network
- Notify MIS Department. Immediately contact MIS Help Line at [XXXX]
What’s WannaCry Ransomware?
Yesterday, an outbreak of a cyber attack was happened to target mainly hospitals and organisations globally reportedly hitting 74 countries.
“Security researchers at Kaspersky Lab have recorded more than 45,000 attacks in 74 countries, including the UK, Russia, Ukraine, India, China, Italy, and Egypt. In Spain, major companies including telecommunications firm Telefónica were infected.”
The numbers now have been increased to 99 countries according to The Guardians.
What actually does the Malware?
The cyber attack’s basic purpose is to get ransom from organisations with infected network and computers. As per the attack claims, it encrypts everything on the computer including databases, files, documents, photos and videos.
By encrypting everything on computer means, that organisation should not have access to their data or databases anymore after the attack, until they pay ransom. Then the malware prompts with the red alert as shown above allowing users to pay via Bitcoin currency online with an embedded interface to decrypt its data.
The malware, however, also provide to try decrypting on some of the data, probably as trail basis.