The global WannaCry ransomware attack crippled Telkom\u2019s customer platforms, which impacted customer services.<\/p>\n
On Tuesday morning,\u00a0MyBroadband was alerted<\/strong><\/a>\u00a0to the fact that Telkom\u2019s systems were experiencing problems.<\/p>\n One of the main problems was that USSD menus and Telkom\u2019s app were not working, preventing subscribers from buying data bundles.<\/p>\n Other Telkom services which were impacted were voice mail systems and the company\u2019s call centre.<\/p>\n Telkom spokeswoman Jacqui O’Sullivan\u00a0told the Sunday Times<\/strong><\/a> \u201cthe computer virus attack crippled some customer platforms, which were restored only on Thursday\u201d.<\/p>\n According to the report, Telkom \u201cthwarted attempts by the WannaCry hackers to freeze its systems so they could hold it to ransom\u201d.<\/p>\n The global WannaCry attack<\/strong><\/a> started on 12 May and infected tens of thousands of PCs at large institutions, including the NHS in the UK and FedEx.<\/p>\n WannaCry \u2013 also known as WannaCrypt, WanaCrypt0r, WCrypt, and WCRY \u2013 targets Windows<\/strong><\/a>\u00a0systems, unless they have been patched for MS-17-010.<\/p>\n The ransom demand from the attack was between $300 to $600, and the post noted that there is code to \u201cdelete files\u201d in the ransomware.<\/p>\n \u201cThe worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder,\u201d stated the post.<\/p>\n Telkom was among many companies and organisations believed to have been targeted by the WannaCry attack in South Africa.<\/p>\n \u201cIT security experts warned that further attacks were likely, and said the government and its agencies were particularly at risk due to their failure to upgrade software,\u201d stated the report.<\/p>\n O’Sullivan told MyBroadband the alert level within Telkom\u2019s network and IT support teams was raised on Saturday morning.<\/p>\n This happened as network traffic volumes started increasing in South Africa and the virus started attacking.<\/p>\n \u201cOur managed security teams immediately began assessing, monitoring, and managing the situation,\u201d said O’Sullivan.<\/p>\n Telkom experienced problems with certain customer service platforms on Tuesday, but most were reinstated overnight.<\/p>\n \u201cHowever, there were intermittent problems on some of those platforms until Thursday.”<\/p>\n \u201cThroughout these attacks, our priority was the protection of our customers’ data and assets.”<\/p>\n \u201cWe were meticulous in the control of our defence systems and we purposefully throttled some areas where we believed the risk was high.\u201d<\/p>\n The sustained nature of the attacks resulted in high network traffic as Telkom\u2019s firewalls worked to repel the attacks.<\/p>\n \u201cThis robust defence strategy did result in the degradation of the performance of some of our service platforms, at different times throughout the day,\u201d she said.<\/p>\n \u201cWe regret the inconvenience this caused some of our customers. We are confident we took every step necessary to protect our data and our customers from any exposure to this pernicious virus.\u201d<\/p>\n O’Sullivan said that despite the attack, the WannaCry ransomware virus did not infect or encrypt any files on Telkom assets.<\/p>\n \u201cIt is important to note that customers must install the corrective steps. Even though the current variant of the virus is unable to initiate the ransomware, devices and systems remain vulnerable until they are patched.”<\/p>\n \u201cUnpatched devices or systems may continue to generate excessive network traffic and could be vulnerable to a potential second wave of the virus, should it appear in a different variant.”<\/p>\n WannaCry ransomware crippled Telkom\u2019s customer platforms, which impacted customer services.<\/p>\n","protected":false},"author":23,"featured_media":146263,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[35,109,43310,43154,43156,43312],"class_list":["post-211576","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-headline","tag-telkom","tag-wanacrypt0r","tag-wannacry","tag-wannacrypt","tag-wcrypt"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/211576"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=211576"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/211576\/revisions"}],"predecessor-version":[{"id":211578,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/211576\/revisions\/211578"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/146263"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=211576"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=211576"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=211576"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Global WannaCry attack<\/h3>\n
Telkom explains the attack<\/h3>\n
Now read:\u00a0WannaCry ransomware \u2013 The details<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"