North Korea implicated as source of global cyber attack
Two internet security firms are suggesting North Korea could be behind a global cyber attack, which has caused worldwide disruption.
Symantec and Kaspersky say they think the WannaCry ransomware, originated from the Lazarus group.
It is been responsible for other cyber crimes - including one targeting Sony Pictures in 2014 and an attack last year on a Bangladesh bank.
Tusla - the Child and Family Agency has said if anyone has reported a child protection concern by email since Friday evening it may not have been received.
All external emails will remain blocked for another 48 hours because of the recent cyber attack.
Tusla is urging anyone who has a concern about a child to contact their local social work duty team or Gardaí.
The Health Service Executive has confirmed three hospitals which reported computer viruses today, were not hit by the WannaCry ransomware that has caused global disruption.
The HSE's chief information officer Richard Corbridge said the 20 machines in the three hospitals were quickly isolated from networks today before the virus infecting them spread, and that the machines were replaced and the systems put back online.
A spokesperson for the executive said patient care has been broadly unaffected by the WannaCry disruption.
The HSE network will remain isolated for further 48 hours to maintain protection from the attack.
Taoiseach Enda Kenny said Communications Minister Denis Naughten would brief the Cabinet on the issue tomorrow morning. He said: "I've asked for a report tomorrow on this, including what it is we need to do to protect companies and their services."
The HSE is to keep its IT networks offline for a further two days to contain any damage from the WannaCry cyber attack.
Staff were being encouraged not to log into their machines today to allow upgrades take effect after the weekend attack.
The agency's director general Tony O'Brien has now said the HSE network will remain isolated for further 48 hours "to maintain protection" from the attack.
It is not yet clear what impact the decision will have on the overall delivery of health services.
#cybersecurity @HSELive @eHealthIreland I have decided to keep the HSE network isolated for a further 48 hours to maintain our protection.
— Tony O’Brien (@tweetstob) May 15, 2017
- Don’t ignore updates. You may need to reboot your machine to have updates take effect;
- Back up your files;
- Install anti-virus software on your machine.
For more information click here.
TDs have been warned to exercise "extreme caution" opening emails in the wake of the WannaCry attack.
The Oireachtas IT unit has told politicians not to open any unexpected email attachments.
Staff say they have added all the appropriate security patches, and it is not believed that any Oireachtas-owned machines could be vulnerable.
But the worm could propagate throughout the Leinster House network, because staff are also allowed to use external machines on its WiFi network.
The HSE says this morning brings the biggest risk of the WannaCry attack spreading across its computer network.
Officials have spent the weekend trying to protect around 1,500 machines which are seen as being potential victims of the attack.
Around 200,000 computers worldwide using Microsoft operating systems have been hit in the ransomware incident which began on Friday.
Chief information officer with the HSE Richard Corbridge said the HSE is trying to ensure all staff are aware of the risks as they return to work today.
"We're asking everybody to turn on their machine, and that nobody logs into email. We need to allow the solutions we've put together over the weekend to arrive at every machine (first).
"We're also pushing the idea of 'think before you click'.
Meanwhile, there has been a call for a change in the Government's approach to this type of attack.
CEO of Cyber Risk International Paul Dwyer said such attacks need to be taken more seriously.
"Most malware is dealt with by amateurs, who give out advice on how to deal with this. Where's the Government advice and strategy in relation to giving people in small businesses and homeowners straightforward guidance on what to do?"
China and Japan have both fallen victim to the global "ransomware" cyber attack that has created chaos in 150 countries.
Chinese state media say more than 29,000 institutions across the country have been infected, along with hundreds of thousands of devices.
Xinhua News Agency cited the Threat Intelligence Centre of Qihoo 360, a Chinese internet security services company.
It said universities and educational institutions were among the hardest hit, numbering 4,341, or about 15% of internet protocol addresses attacked.
Also affected were railway stations, mail delivery, petrol stations, hospitals, office buildings, shopping malls and government services.
Xinhua says the system used by PetroChina's petrol stations was attacked, meaning customers could not use their cards to pay. Most stations had recovered.
Japanese companies say they are working to overcome the problems caused by the cyber attack.
The Japan Computer Emergency Response Team Co-ordination Centre said 2,000 computers at 600 companies in Japan had been affected.
Nissan confirmed on Monday some units had been targeted, but that it had responded and there had been no major impact on its business.
Hitachi spokeswoman Yuko Tainiuchi said it was experiencing email delays and file delivery failures and suspected the cyber attack was to blame, even though no ransom was being demanded. Programmes were being installed to fix the problem.
Broadcaster NTV reported 600 companies and 2,000 computers in Japan had been affected. Overall the attack has created chaos in 150 countries
The Indonesian government urged businesses to update computer security after two hospitals were affected by the cyber attack.
The communication and information ministry said the malware locked patient files on computers at the affected hospitals, both in the capital Jakarta.
Local media reported that patients arriving at Dharmais Cancer Hospital over the weekend were unable to get queue numbers and had to wait several hours while staff worked with paper records.
The ministry has announced measures that organisations can take to counter the attack including a specific update to Microsoft operating systems.
The initial attack, known as WannaCry, paralysed computers that run Britain's hospital network, Germany's national railway and other companies and government agencies worldwide in what is believed to be the biggest online extortion scheme in history.
