WannaCry shuts down Toefl test in Seocho-gu
Test-takers were forced to go home.
Computers at other test sites in Korea were rumored to have been infected with the virus but KISA refused to disclose the locations, saying it was in the middle of a probe.
The Educational Testing Service (ETS), the administrator of Toefl, will allow the test takers in Seocho to take another exam or get refunds. The Ministry of Science, ICT and Future Planning and the Korea Internet and Security Agency launched an investigation into the incident Monday afternoon.
“A team of investigators visited the site to find the cause and the scale of the damage at 3 p.m.,” said a KISA spokeswoman. “The number of inquiries about ransomware contractions has been decreasing but computer users need to remain cautious.”
The WannaCry ransomware, a malicious software that prevents users from accessing their computers until they pay a ransom, was discovered as the computers for the Toefl test were being checked before it began at around 10 a.m. Sunday. The computers were found to be malfunctioning and the ETS dispatched its staff to fix the computers Monday morning.
The test has to be taken over the internet. Test takers go to a test site and use properly equipped computers.
As of Monday, the number of infections in Korea from WannaCry was 20. The number of inquiries per day, which peaked at 2,863 on May 15, fell to as low as 52 Monday.
WannaCry attacks have been reported in Korea since May 12, including on the computer systems of Korea’s biggest movie theater franchise, CGV.
According to Kaspersky Lab, the world’s largest privately-held vendor of endpoint protection, roughly 98 percent of the computers affected were running some version of Windows 7.
BY SEO JI-EUN [firstname.lastname@example.org]