Three cases of the WannaCry ransomware virus have been reported in Hong Kong as of Monday morning, a government official has said.

Update: 2 commercial victims among 25 cases of WannaCry ransomware reported in Hong Kong

The current wave of WannaCry ransomware attacks spread across the globe beginning on Friday evening, notably infecting computers from the UK’s National Health Service. According to MalwareTech – a UK cybersecurity researcher – dozens of computers are being infected every minute as of Monday morning.

WannaCry WannaCryptor Ransomware Virus
WannaCry.

The ransomware encrypts the files of infected users, who are presented with a screen demanding payment of US$300 (HK$2,300) in bitcoins within three days for decryption. After the three-day deadline, the payment demand is raised to US$600 (HK$4,700). The ransomware threatens to permanently encrypt the files after one week.

Two cases were reported over the weekend. Government Deputy Chief Information Officer Victor Lam told Commercial Radio that another case was reported on Monday morning.

According to the government’s Computer Emergency Response Team, all three infected machines were personal computers using the Windows 7 operating system, on which necessary updates were not installed.

victor lam
Victor Lam. File photo: HKGov.

Businesses at risk

In a press conference on Sunday, IT sector lawmaker Charles Mok said that small-and-medium-sized companies in Hong Kong were particularly at risk to the ransomware, because they may not have a dedicated IT department.

Security expert Eric Fan from the Hong Kong Information Technology Federation told HKFP that businesses in the retail sector may also be at risk, as they often use outdated operating systems such as Windows XP to conduct basic sales tasks.

“For example, if you go down to a restaurant they have a system to allocate a table for you, and the system will print a receipt for you when you pay – the ‘point of sales’ system.”

“In Hong Kong, it’s obvious that people don’t always patch [update the software for] these types of systems, but it’s possible that they are connected to the internet,” added Fan. “So these systems have a relatively high risk of being infected.”

Chinese internet security provider 360 said that almost 30,000 institutions or organisations in the mainland were affected, while Taiwan was reportedly one of the countries worst hit by the ransomware.

Support HKFP  |  Code of Ethics  |  Error/typo?  |  Contact Us  |  Newsletter  |  Annual & Transparency Report

Elson Tong is a graduate of international relations and former investigations consultant. He has also written for Stand News.