UAE companies and government agencies have been urged to be on the alert in the wake of one of the world’s largest ever cyber attacks, which has affected computer systems in around 100 countries, even as the Middle East has so far remained relatively unaffected.
Malware under the name of WannaCry began spreading to European computer systems on Friday evening, encrypting users’ personal data and demanding payment of between US$300-$600.
The UK’s National Health Service was an early target of the attacks, together with several Russian banks and Spanish telecoms operator Telefonica.
Turkey’s Information and Communication Technologies Authority said that its cyber security centre was working to contain the spread of the virus in the country.
“So far we have not received any e-government services cases that are affected by the virus,” said the Computer Emergency Response Team of the UAE’s Telecommunications Regulatory Authority (TRA) in a statement on state news agency Wam.
“Right now our company hasn’t been alerted to any specific problems in the UAE,” said Eddie Schwartz, the executive vice president of cyber services at DarkMatter, an Abu Dhabi-based cyber security firm.
WannaCry is believed by security experts to be based on a bug found by the US National Security Agency, named “Eternal Blue”, which can be used to exploit computers running Microsoft Windows.
Details of the bug exploit were leaked by hacking group Shadow Brokers last month, prompting security experts to predict that cyber criminals would use the exploit to create malware.
“I can’t even imagine the extent of the damage in Mena due to Windows XP dependence,” said Matthieu Suiche, founder of the UAE-based cyber security company Comae Technologies, in a post on Twitter.
Mr Suiche told The National that “mature” organisations running old operating systems that weren’t regularly patched were especially vulnerable.
“We started reaching out to clients on Friday evening to make sure they had the right systems updates in place and were generally prepared,” said the owner of an Abu Dhabi-based IT consultancy, who asked not to be named.
“None of our clients have reported anything so far, but you feel as if it’s a matter of time before we hear about infections, because [the virus] gets hold of everyone’s emails and spreads itself that way.”
Saudi Arabia’s National Cyber Security Centre on Saturday urged users to shut down certain network ports, and to install the relevant security patch for Microsoft.
Source: John Everington/The National