‘WannaCry’ Ransomware Hijacks China’s Schools, Government Agencies

(Beijing) — China has been among the worst hit by the devastating “WannaCry” cyberattack, with over 10,000 educational institutions, hospitals, and government agencies in the nation with the world’s largest internet population falling victim to the malware in the last three days.

Nearly 30,000 IP addresses in mainland China have been under attack by the malware as of Saturday, according to monitoring data from Qihoo 360, a Chinese cybersecurity company.

Universities and schools accounted for 15% of the total attacks, which hold users’ data “hostage” until hackers receive ransom payments, Qihoo data show. This includes China’s Southwest University, whose internal network and student-card payment system was paralyzed by the attack, the institution said in a statement on social media Saturday.

Government networks, including motor-vehicle administrations, housing-fund websites and tax bureaus, have also been among those affected by the virus. Zhuhai’s housing-fund website said in a social media post on Monday that it had suspended services to upgrade its network security to cope with the attack. Meanwhile, many towns across the nation have temporarily stopped approving driver’s licenses and other services.

Gas stations managed by state-owned China National Petroleum Corp. were also crippled by the malware on Saturday, disabling credit card and online payment systems. The company said that over 80% of the affected stations had recovered from the attack by Sunday.

Analysts say the damage caused by WannaCry — which has wreaked havoc worldwide since Friday, with hackers demanding payments of about $300 worth of digital currency bitcoin from users of the infected Windows software — is unprecedented in scale.

China is particularly vulnerable because of its enormous base of internet users — the largest in the world at more than 700 million netizens — and experts said the attack revealed a lack of cybersecurity in the country.

“Public and company-owned computers are not frequently maintained and upgraded, and that is why they are more vulnerable,” said Tan Jianfeng, president of the Shanghai Information Security Trade Association, a nonprofit IT industry organization. “The easiest form of prevention is to continuously back up files, and this is rarely done by the majority of users in China because people are not aware of the risks and consequences of a malware attack.”

Microsoft issued a security patch to remove the vulnerability to its Windows operating system in March, but many users did not promptly install the update and have been susceptible to infection.

Offices in China on Monday required employees to install the patches to make their computers secure against the malware.

Contact reporter April Ma (fangjingma@caixin.com)