Chennai: After ‘WannaCry’ last month, it’s now a new strain of the Petya ransomware that has come to cripple thousands of computers and businesses across the world on Wednesday. While some reports said India too has been hit in a few pockets, IT Minister Ravi Shankar Prasad said the country’s systems are safe.
The big dent on Minister Prasad’s confidence was the crash of operations at one of the three terminals of India’s largest container port — Jawaharlal Nehru Port (JNP) in Mumbai — but that was said to be an offshoot of the global attack on the systems of Danish shipping giant AP Moller-Maersk, which operates the affected terminal at the port.
Reuters quoted JNP chairman Anil Diggikar saying that the crash in one terminal was the “fallout of global cyber attack” and would be set right in a day.
Apart from Maersk, Petya has hit Ukrainian banks and MNCs, Russia’s biggest crude oil producer Rosneft (which said it contained damage by switching to backup systems at the last minute), a Cadbury chocolate factory on the island state of Tasmania, Australia and the property arm of French bank BNP Paribas — to name just a few of the biggies that got hit.
Reuters said the virus crippled computers running Microsoft Corp’s Windows by encrypting hard drives and overwriting files, then demanded $300 in bitcoin payments to restore access.
Investigators of several governments have been toiling for a long time, particularly since the WannaCry crippled nearly 300,000 computers in May, to trace the bitcoin beneficiaries, the hackers.
While the victims are scurrying for data recovery system providers and cyber security agencies, the other major IT users too are taking quick precautionary measures.
Amar Prasad Reddy, Director of National Cyber Safety and Security Standards, said, “Patch released by the Microsoft in Server Message Blocking v1 (SMBv1), a file sharing protocol, had problems. Now, the patch ‘MS- 17010’, which is available on the Microsoft website, can be downloaded and installed in the system to thwart the entrant of Petya malware, for those whose systems have not been affected by it. On the other hand, the piracy software users cannot make use of the patch. However, the piracy users can still thwart the entrant of Petya by blocking network access ‘Port445’ in Windows workstation”.
The new strain of Petya is also spreading through .rtf, an email extension file that should NOT be opened at any cost even now. If a system has MS-17010 file installed in it, Petya cannot affect it even when .rtf file is opened, Reddy said.
People and commercial organisations should shun pirated software as they are highly vulnerable to virus attacks. Also, Windows has to be updated regularly.
