WannaCry hits computers in Kerala, Kolkata
Two panchayats in Kerala and offices of the WB electricity board are reported to have been hit so far by the ransomware; CERT-In, though, says it isn’t aware of any attack. There are steps one can take.
Four computers in a panchayat office in Wayanad, Kerala, have reportedly been infected by the crippling global ransomware ‘WannaCry’. Another village panchayat in Kerala, at Aruvapulam in Pathanamthitta district, got a similar virus message when its computers were switched on.
Calls to both the panchayat offices by National Herald went unanswered.
At least four offices of West Bengal State Electricity Distribution Company Limited (WBSEDCL) that cater to around 8,00,000 households on Monday came under attack too. Officials said employees at the billing offices in Narayangarh, Keshiyari, Dantal and Belda in West Midnapore district found that they were unable to access the contents of the internet-linked computers.
Ransomware is defined as malicious software that blocks access to a computer system until a sum of money is paid.
However, India's cyber security unit, the Indian Computer Emergency Response Team (CERT-In), said on Monday it has not received any formal report of a cyber-attack on India's vital networks by WannaCry.
India is on high alert, monitoring critical networks across sectors such as banking, telecom, power and aviation to ensure that systems are protected against the attack which has claimed victims in more than 150 countries over the weekend.
“Everything seems to be normal, so far. No reports have come to Cert-In. We have been in touch with Microsoft and others, even they have not got any reports,” said Sanjay Bahl, director general, CERT-In. He added that the Cyber Swachhta Kendra—government’s portal on information about cyber security—is being updated regularly since Saturday.
There were reports, however, of some systems of Andhra Pradesh Police being affected on Saturday, although CERT-In has said that the PCs were isolated and not on a network.
CERT-In further said that it sent out an advisory to the Reserve Bank of India on the matter on Saturday itself. “So far we have not received anything. Typically, they (banks) have to report (any disruption) to both RBI and us,” Bahl added.
With global security reports stating that India has weak security systems, public and private agencies have been working overtime to firewall their systems from any possible attack.
Experts said India is vulnerable as a large number of computers in the country run Microsoft’s older operating system, XP, and have not been updated yet. Moreover, with rampant piracy in the country, higher usage of unlicensed software could make the situation worse, they warned. The cyber criminals have demanded a fee of about $300 in Bitcoin, a crypto-currency, for unlocking the device.
Tips from cyber experts, Mallu Cyber Soldiers
In a chat with National Herald, the hacker team claims to have debugged the virus. They suggest the following measures:
- If anyone has Windows 8.1, 7, XP or Vista, it is best they update the Windows Operating System soon.
- In the initial stage, this malware comes as an attachment in the email. Do not download any kind of attachment, mainly PDFs and .doc files, directly.
- Please update the anti-virus and end-point security system on your network soon.
- If your files have been encrypted, please try wannacry@2017 as password for data recovery. On 10 of the 30 systems, this password has worked, mostly because this is the default password for ransomware decryption. It also depends on the version of malware that has infected the user’s system.
WannaCry has disrupted networks in over 150 countries, including Russia and the UK, and is being termed one of the most widespread cyber-attacks in history. Reports suggest that over two lakh systems globally could have been infected by the malicious software. Security solutions providers have also accelerated efforts to develop tools to tide over the crisis.
Incidentally, Kaspersky, an internet security solutions provider, had warned on April 25 that cybercriminals behind the Locky ransomware and Necurs botnet were back in business. It had delivered nearly 35,000 emails in just a few hours, the first major Locky campaign in months, a Kaspersky blog had noted.
The WannaCry cyberattack paralysed computers that run Britain’s hospital network, Germany's national railway, Russia’s Interior Ministry, Spain’s Telefonica, FedEx Corp. in the US and French carmaker Renault. As a result of the unprecedented “ransomware” cyberattack, officials and experts on Monday urged organisations and companies to update their operating systems immediately to ensure they aren’t vulnerable to a second, more powerful version of the malicious software.
The attack, already believed to be the biggest online extortion scheme ever recorded, is considered to be an “escalating threat”. Europol spokesman Jan Op Gen Oorth said it was too early to say who was behind the onslaught and what their motivation was, aside from the obvious demand for money. So far, he said, not many people have paid the ransom demanded by the malware.
With inputs from PTI