In a webcast by the Indian Computer Emergency Response Team (CERT-In) on the prevention of WannaCry Ransomware threat, the national agency issued directives for effective prevention and informed about possible remedies in case of infection.
The ransomware virus, WannaCry, is a type of malicious software that infects a computer when the user downloads malicious files or a group of computers on LAN. It restricts users’ access to it until a ransom is paid to unlock it. It demands users pay $300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time.
In India, to counter the threat of the virus, the CERT-In held a session on May 15 on their website.
Some basic measures to prevent infection are:
- Isolate your system from the internet.
- Download the patches (software update) on a CD from another system.
- Install it on your system.
To find the security patch, they have advised users to go to: https://technet.microsoft.com/library/security/MS17-010
The virus exploits a flaw in a version of Microsoft Windows first identified by U.S. intelligence agency National Security Agency (NSA). The NSA alerted Microsoft about the issue three months ago and Microsoft released an upgrade that patched the flaw, but many users were yet to run it, CNN reported. As a result, the attacks exploited the computers which were running outdated versions of Microsoft's Windows operating system.
If your computer is infected by the virus:
- Isolate the PC from the Internet
- Run Clean up software as mentioned on the CERT-In website
- Preserve data even if it is encrypted (for research purposes)
- Report incident to CERT-In and local law enforcement agency
- For further questions send an email to firstname.lastname@example.org
Since such an attack is not a first and may happen in the future as well, the agency has listed a few measures to prevent cyber attacks.
According to CERT-In:
- Deploy antivirus protection
- Block spam
- Perform regular back ups
- Don't open attachments in unsolicited emails
- Disable macros in MS Office products.
The most disruptive attacks were reported in the U.K., where hospitals and clinics were forced to turn away patients after losing access to computers. Now, the virus has spread to over 150 countries, affecting over 200,000 computers.
For detailed information on the issue, users can see: http://www.cyberswachhtakendra.gov.in/alerts/wannacry_ransomware.html
With inputs from PTI.