A ransomware going by the name 'Wannacry' has become a global cyber-threat and India is as vulnerable as any affected country . The biggest problem with such ransomwares is that there is no well-known way to deal with it; even paying the ransom cannot guarantee that the files will be recovered.
What is Ransomware?
As the name suggests, it's the blocking or encrypting of one's files and then being asked for a ransom to decrypt those locked files. A new ransomeware called 'Wannacry' or 'Wannacrypt' has attacked a few big countries and created havoc by targeting sensitive industries like healthcare.
The biggest threat with 'Wannacry' is that it's more than just a ransomware; it can also be classified as a worm. Being a worm, the ransomware has the ability to spread to different systems running on the same LAN network or even spread through emails.
Is India prepared for this cyber attack?
In an attempt to be prepared for the threat, India's Computer Emergency Response Team (CERT-In) has released fresh directives to deal with this particular ransomware. Since most offices in India will resume operations today, the threat is greater when employees get back on their respective systems.
India was among the countries worst affected by the Wanna Cry attack, data shared by Kaspersky, a Russian anti-virus company, showed. According to initial calculations performed soon after the malware struck on Friday night, around five per cent of all computers affected in the attack were in India.
News agency IANS reported that police computers across 18 units in Andhra Pradesh's Chittoor, Krishna, Guntur, Visakhatpatnam and Srikakulam districts were affected. However, apart from that, there was no immediate information on the extent of the ransomware's hold on Indian systems.
What should you do to stay clear of the threat?
- Keeping a back up is the safest and most effective way to deal with the threat
- CERT-In has advised users to back up all their essential files offline, in a hard disk or pendrive
- Individual users as well as organisations have been asked to apply patches to their Windows system(s) as mentioned in the Microsoft Bulletin MS17-010, which is marked critical
- Don't open emails or links in e-mails from people even in your contact list. E-mail has proven to an effective carrier in the case of 'Wannacry' ransomeware
- Avoid downloading from websites that are not trustworthy; even attachments from unsolicited e-mails
- Update Antivirus on all your systems and download Microsoft's latest software patches. For unsuported Windows versions such as XP, Vista etc, the user can download the necessary patch from this link. http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
- While browsing, one should steer clear from unsafe websites and employ essential filters on your browser.
- Use security tools on IT ministry website for higher safety
What can be done if you're a victim to a ransomware cyber attack?
Though there is no way out, there are a few loopholes one could use to either minimise the damage or stop it from spreading.
According to CERT-In, the user should immediately disconnect the affected system to stop it from spreading.
Since the encryption does not happen instantly, the user should immediately try to back-up the essential files as soon as possible. This will help minimise the damage.
According to CERT-In, victims of the ransomware are advised not to pay the ransom as there is no gaurantee that the files will be returned. Instead, report any such case with CERT-In at Incident@cert.org.in and other law enforcement agencies.