After 11:00 p.m. on May 12, an IBM Japan network monitoring center in Tokyo’s Chuo Ward was flooded with numerous alarms sent by network monitoring devices installed at its client firms. A “ransomware” virus had rapidly spread within five hours of detection earlier that day.
The center quickly contacted clients and asked them to check if their Windows systems had been kept up to date. The virus spread rapidly by taking advantage of kinks in the Microsoft (MS) operating systems.
In March, MS released patches to fix its OS defects. However, according to a Trend Micro survey of IT specialists in Japanese firms, only 50% of firms installed them on all servers, while 36% said their servers were not fully updated. As for the remaining 14%, they were not sure of their servers’ status.
Hitachi Ltd. was still running an outdated operating system when its email and order systems were disrupted by the ransomware attack. Companies are required to temporarily halt their networks before installing security updates due to potential software incompatibility. “Our network system is huge, so it takes time to apply security updates,” said a PR officer at Hitachi. “We were attacked by the virus while we were examining the software compatibility.”
The latest global cyberattack tapped into a hacking tool, which is believed to have been leaked from the U.S. National Security Agency (NSA). The “Shadow Brokers,” a hacking group that released the NSA program online, has already announced that it will unveil a new malicious code in July. Companies must be prepared for attacks from hackers, who may soon have a more powerful tool in their hands. Hitachi and several other Japanese firms are already taking steps to prevent themselves from falling prey to another attack. They cannot afford to make a second mistake. (Abridged)