The global ransomware attack that bubbled up late last week has affected a wide variety of system in scores of countries – everything from small businesses to hospital patient management systems – so it was inevitable it was also going to affect some digital signage operators.
Digital signage vet Dan Parisien, now with Quividi, speculated as much in a weekend tweet.
https://twitter.com/danielparisien/status/863899935254528001
I’ve not heard from anyone saying they were hit (as Dan says, would you admit it?), but here’s the first of what may end up being a bunch of stories involving screen networks affected by the “WannaCry” worm.
From the Singapore Straits Times newspaper:
SINGAPORE – Singapore has seen a number of victims struck by the latest global ransomware attack, the Cyber Security Agency (CSA) said in an alert on Sunday (May 14).
Systems at Tiong Bahru Plaza and White Sands were also believed to be affected by the “WannaCry” worm.
MediaOnline, which supplies digital signage, rushed to fix its systems after kiosks were infected at the malls. Director Dennis So said the systems were not connected to the malls or tenants’ networks.
A photo posted on Reddit on Saturday night showed a malware message on Tiong Bahru’s mall directory, suggesting that it had been hit by the ransomware attack WannaCry.
The mall operators told Channel NewsAsia that they were alerted to the malware incident at around 5pm on Saturday.
A spokesman said the digital directory service is provided to the mall by a third-party vendor, and vendor systems have been disconnected from the board while a solution patch is being installed.
She added that no sensitive information in the mall directories was leaked and that hackers did not receive any money or bitcoin.
A display screen at an Orchard Central Desigual outlet is also believed to have been hit by the ransomware attack.
The CSA advised Internet users to be suspicious of uninvited documents sent through e-mail, back up crucial files, and run anti-virus security tools.
Those with infected systems should remove the network cable or shut down the wireless function on their device so the ransomware doesn’t spread. They can then patch and restore their systems.
The systems most affected by this ransomware are those running Windows XP, Windows 8, and Windows Server 2003. Microsoft issued this security update on Friday.