As threat escalates, Kerala Cyberdome warns against ransomware strike

Thiruvananthapuram: Kerala Police Cyberdome, the technological research and development centre of the state police in Thiruvananthapuram, has alerted individuals and organisations against the crippling global ransomware attack WannaCry.

The agency also issued certain guidelines for computer and internet users in this regard.

In order to prevent infection, users and organisations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010, it said.

The Cyberdome experts directed users to maintain updated antivirus software on all systems and check regularly for the integrity of the information stored in the databases.

It also requested users to regularly monitor contents of backup files of databases for any unauthorized encrypted contents of data records or external elements, (backdoors /malicious scripts).

Over the weekend, the ransomware hit systems in over 150 countries, including Russia and the UK, in one of the most widespread cyber attacks in history.

In India too, there have been reports of some systems of Andhra Pradesh Police being affected.

The alert comes after Europe’s leading security chief on Sunday warned of another “imminent attack”.

“At the moment, we are in the face of an escalating threat. The numbers are going up, I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning,” Europol Director Rob Wainwright said.

The threat was “escalating” as cyber experts warned that another attack was imminent in coming days, he said.

“The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries and those victims many of those will be businesses including large corporations,” Wainwright told ITV news channel.

Meanwhile, in India, Critical infrastructure agencies including banks, airports, telecom networks and stock markets have been asked to take precautions to shield themselves against the crippling global ransomware attack 'WannaCry'.

While India's cyber security unit CERT-In is yet to receive a formal intimation of any major attacks, it has reached out to all government agencies and public utilities to stay alert.

The IT Ministry said it has initiated contact with relevant stakeholders in public and private sector to advise them to patch their systems as per CERT-In's advisory.

"The stakeholders' organisations include NIC for all government and state government systems, RBI, NPCI and UIDAI for protection of digital payment ecosystem, DoT to alert the ISPs for security of telecommunication network, Data Security Council of India (DSCI) and CDAC," it added.

It is also keeping a close watch on the developments on the ransomware and is working in close coordination with all relevant agencies, it said.

Indian Computer Emergency Response Team (CERT-In) Director General Sanjay Bahl said that advisories have already been issued to all Central and state government agencies.

Additionally, a list of do's and don'ts have been shared with all vital installations and networks, including banks, stock markets, airports, defence, power and public utilities.

"If people have already taken action and applied the software patch (issued by Microsoft), they need not worry... If they haven't, they should apply it immediately," he told PTI.

The malware infected computers running on older versions of Microsoft operating systems like XP, locking access to files on the computer. The cyber criminals have demanded a fee of about USD 300 in crypto-currencies like Bitcoin for unlocking the device.

Microsoft has introduced a security patch to tackle the situation. Consumers across the globe have been advised to download the solution at the earliest.

The US-based software giant has also released updates for Windows XP, Windows 8, and Windows Server 2003.

Bahl maintained that no "major" incidents have been brought to CERT-Ins notice yet, but was quick to add that a full assessment of the impact on ground can be made only on Monday when people return to work after the weekend.

The Andhra Pradesh systems were isolated PCs and not connected to larger networks, he said.

In Spain, major companies including telecommunications firm Telefonica have been infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to computers.

Reports suggest that over two lakh systems globally could have been infected by the malicious software.

Experts fear the situation could further aggravate as a number of computers in India run on the older operating systems and have not been updated yet.

EY Partner Cyber Security Burgess Cooper said Indian hospitals could be quite vulnerable to critical infrastructure attacks as they rely on industrial systems that run on old outdated hardware.

Also, the traditional manufacturing sector relies on outdated IT systems that are run by unsupported operating systems and therefore, the risk of creating havoc to public is higher, he said.