New Delhi: The IT ministry has reached out to key stakeholders like RBI, National Payments Corporation of India, NIC and UIDAI (Aadhaar) to advise them to protect their systems against ‘Wanna Cry’ ransomware to ensure that the digital payments ecosystem in the country is protected.
The Ministry of Electronics and Information Technology (MeitY) has also instructed cyber security unit CERT-In to gather information of ‘Wanna Cry’ ransomware that has wrecked havoc across sectors like healthcare and telecommunications in more than 100 countries.
Over the weekend, the ransomware hit systems in over 100 countries, including Russia and the UK, in one of the most widespread cyber attacks in history. It infected computers running on older versions of Microsoft operating systems like XP, locking access to files on the computer.
The cyber criminals have demanded a fee of about USD 300 in crypto-currencies like Bitcoin for unlocking the device.
Microsoft has introduced a security patch to tackle the situation, and consumers across the globe have been advised to download the solution at the earliest.
Noting that no reports have been formally received so far related to the ransomware attack, MeitY said a few systems of the Police Department in Andhra Pradesh were impacted and that the state government has been informed to follow the advisory by the Indian Computer Emergency Response Team (CERT-In).
“MeitY is keeping a close watch on the developments on the ransomware and is working in close coordination with all relevant agencies,” it said in a statement.
The ministry has also reached out to the Department of Telecom (DoT) to alert Internet service providers (ISPs) to secure their networks as well as the Data Security Council of India (DSCI) and CDAC to ensure that users across the country, especially those in the private sector, are cautioned about the ransomware.
Besides, it has also requested Microsoft India to inform all its partners and customers to apply the relevant patches.
As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails. Security firms have suggested that users immediately disconnect the infected device from the local network to contain the spread of infection.
In Spain, major companies including telecommunications firm Telefonica have been infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to computers.
Reports suggest that over two lakh systems globally could have been infected by the malicious software. Experts fear the situation could further aggravate as a number of computers in India run on the older operating systems and have not been updated yet.
“The impact has been somewhat contained in India because of the weekend. However, one will have to watch the situation as people return to work tomorrow and access their computers,” Kaspersky Lab Head for South Asia Region Altaf Halde told PTI.
A report by the security solutions firm claims that India is among the countries worst affected by the Wanna Cry outbreak, accounting for about five per cent of the attacks.
“This attack is perhaps the largest, most widespread and contiguous malware attack in history as the attackers has used a flaw in Microsoft software to infiltrate unguarded systems. It is important that users keep their systems updated and take a proactive approach to security rather than a reactive one,” Pradipto Chakrabarty, Regional Director at CompTIA India said.
Saket Modi, CEO and co-founder of Lucideus said, ransomware, as a mode of attack, seems to be gaining traction as it now gets 4-5 requests from a week from enterprises across the country for providing support from such attacks.