Petya ransomware cyberattack reaches India, here's how you can stay safe

The cyberattack that initially hit Ukraine, has now spread to India. The Jawaharlal Nehru Port Trust, operated by AP Moller-Maersk was majorly impacted by the cyber attack when one of the three ports had to be shut down.

"We have been informed that the operations at GTI have come to a standstill because their systems are down (due to the malware attack). They are trying to work manually," a senior JNPT official told PTI. Fearing some clogging up of cargo, additional parking space is being made available, the official said, promising to help in any way possible. The Hague-based APM Terminals also operates the Pipavav terminal in Gujarat.    

The new ransomware had a major impact on Russia and Ukraine. The cyber attack crippled Russia's biggest oil company and even the banks. Ukraine's international airport was also dealing with the attack. Global shipping company, AP Moller-Maersk which also handles ports in India have surfaced as one of the worst affected companies.

The cyber attack comes a month after the Wannacry episode that took over computer systems all over the globe. The ransomware exploits the code stolen from US National Security Agency (NSA) called 'Eternal Blue' which was also used in the Wannacry ransomware. According to Microsoft , the flaw was patched in an update in March. However, businesses and individuals who have still failed to update their systems are vulnerable to the attack.

The ransomware virus crippled computers running Microsoft Corp's (MSFT.O) Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access. More than 30 victims paid into the bitcoin account associated with the attack, according to a public ledger of transactions listed on blockchain.info.

What is Ransomware?
As the name suggests, it's the blocking or encrypting of one's files and then being asked for a ransom to decrypt those locked files. Typically, the victim is asked to pay the ransom in Bitcoins. Failing to do so in the stipulated time period could also lead to permanent deletion of data.

What should you do to stay clear of the threat?

• Keeping a back up is the safest and most effective way to deal with the threat
• CERT-In has advised users to back up all their essential files offline, in a hard disk or pendrive
• Individual users as well as organisations have been asked to apply patches to their Windows system(s) as mentioned in the Microsoft Bulletin MS17-010, which is marked critical
• Don't open emails or links in e-mails from people even in your contact list. E-mail has proven to an effective carrier in the case of 'Wannacry' ransomeware
• Avoid downloading from websites that are not trustworthy; even attachments from unsolicited e-mails
• Update Antivirus on all your systems and download Microsoft's latest software patches. For unsuported Windows versions such as XP, Vista etc, the user can download the necessary patch from this link. http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
• While browsing, one should steer clear from unsafe websites and employ essential filters on your browser
• Use security tools on IT ministry website for higher safety.

With inputs from PTI