China Hit Hard by Hacking Attack as Asia Assesses Damage
HONG KONG — Asia began to grapple on Monday with its share of the ransomware attacks taking aim at computers across the globe, with China reporting disruptions at tens of thousands of institutions.
China at first seemed to have escaped the brunt of the breaches, but new cases kept emerging over the weekend. The state news media said on Monday that about 40,000 institutions had been struck; of those, 4,000 were academic.
The numbers could grow as many people return to work on Monday, though analysts said that cases in China, where the use of pirated software has long been a problem, were likely to be underreported.
On social media, students reported being locked out of final papers, while other people said A.T.M.s, some government offices and the payment systems at gas stations had been affected. Talk of how to avoid the virus was widespread on the messaging app WeChat over the weekend.
Some of the gems of higher education in China, including Tsinghua University and Peking University, were hit by the hacking, according to the state-run news media. The schools are centers of scientific and computing research.
Securities and banking regulators issued warnings to businesses and financial institutions to audit their networks before bringing computers online to limit damage from the intrusion. The securities regulator also said that it had taken down its network and was installing a patch as a security measure.
The state-run oil company, PetroChina, confirmed that the attack had disrupted the electronic payment capabilities at many of its gas stations over the weekend. By Sunday, it said 80 percent of its stations were functioning normally.
On Monday morning, 11 technology companies in China, mostly dealing in internet security, suspended trading after their stocks fell.
The cyberattack has afflicted 200,000 computers in more than 150 countries. Transmitted via email, the malicious software, or malware, locks users out of their computers, threatening to destroy data if a ransom is not paid.
Australia said on Monday that it appeared to have escaped the worst of the assault. No government agencies or critical infrastructure had been affected, Dan Tehan, the minister for cybersecurity, said Monday morning. There were no reported cases in New Zealand.
“At this stage, it does seem like we have missed the major impact of this ransomware incident,” Mr. Tehan said.
The spread of the malware has focused attention on why a software patch issued by Microsoft in March was not installed by more users. Microsoft has complained for years that a large majority of computers running its software are using pirated versions.
Prime Minister Malcolm Turnbull of Australia said that the attacks in the country seemed to be limited mostly to small businesses, but they reinforced the need to update security software.
“We haven’t seen the impact that they’ve seen, for example, in the United Kingdom,” Mr. Turnbull said. “But it is very important that business and enterprises that are in the private or government sector make sure those patches for the Windows systems that were made available by Microsoft in March are installed.”
The South Korean government said that just nine cases of ransomware had been found in the country so far and that dozens of samples of the malware were being analyzed.