The world has been hit by, what’s being called one of the worst cyber attacks in the history. Up till now, the global cyber-attack has affected more than 200,000 victims in 150 countries, which also includes India. Called WannaCry or WannaCrypt, the ransomware program is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that didn’t update their systems remained at risk. Russia and Britain were among the worst-hit countries by the attack. The program takes control over a user’s system and brings up a message telling users they can recover their files only if they send $300, or in some cases $600 in bitcoins to a specific address.
“The ransomware ‘Wannacry’ managed to stop cars, factories, and hospitals across the world over the weekend. The worst but it could still witness fresh havoc today,” Budiman Tsjin, Senior Technical Consultant, Asia, RSA said. “This threat is here to stay and will continue to evolve and impact our lives (i.e. IOT, ICS, etc.) significantly,” he added.
Outdated servers, Unpatched OS to blame!
Most experts blame these attacks on outdated servers and unpatched operating system. Mukul Shrivastava, Partner, Fraud Investigation & Dispute Services, EY India says, “Many global organizations did not update servers with the latest ‘patch’ and block known file types (or websites) which are known sources of the ransomware resulting in virtually no protection against the known threat. Indian organizations are also vulnerable due to most of them using outdated (or not updated) versions of operating systems for business operations.” ALSO READ: Ransomware attack had ‘nearly zero’ impact in India: Ravi Shankar Prasad
“At EY, we have assisted many organizations to tackle cyber incidents and basis our experience, we see the need for corporates to immediately patch operating systems, restrict network shares, change passwords and secure backups, to mitigate the ransomware threat.” “Incidents of such nature and magnitude serve as warning signals for both public and private sector enterprises to have a proactive approach and invest in technologies as well as skilled staff to mitigate and remediate cyber incidents,” he added. ALSO READ: WannaCry Ransomware: 22-year-old ‘accidentally’ stops attacks, warns against more to come
It’s a wake-up call for India!
Further, considering that these attacks have had a big impact on the world’s healthcare system, some believed that it has a potential to lock down the whole health infrastructure till cracked down. “The recent ransomware attacks that have crippled systems across 99 countries are like a nightmare come true. Unfortunately, given the lackadaisical approach, we often give to cyber security, an attack of this scale was only waiting to happen,” Dr Dharminder Nagar, MD of Paras Healthcare said. ALOS READ: WannaCry ransomware cyber-attack is a ‘wake-up call’, says Microsoft
“While India, as also other Asian nations, have been relatively less hit, we must take this as a serious wake-up call. We are highly underprepared to meet such attacks, with data of millions of people under threat. We cannot prepare to move to a paperless, cashless society until our e-systems are secure. When it comes to healthcare, India’s systems have only recently turned to IT-based procedures. As more and more hospitals digitise their systems, it is highly important for us to take security aspects very seriously,” he said. ALSO READ: No, I don’t WannaCry, but we’re all collectively responsible for a lot of pain around us
Vulnerability in Aadhaar!
The Founder Director and President of Software Freedom Law Centre, Mishi Choudhary, at this point, reminds people of the vulnerability that exists in the Aadhaar system. She says, “This [WannaCry attacks] also underscores the importance of security in the system that we are building with Aadhaar. The lead agency has played defensive and offensive each time any researcher highlights flaws or leaks. It has shunned taking real action to plug in security holes and relied on PR or ad-hoc rules based arrangements to cure a design defect. We hope this cautionary take pushes us towards an honest and transparent discussion about vulnerabilities that a digitized society brings”. ALOS READ: Global cyber attack hits hospitals, schools and companies; India among countries hit
Recently, India’s cyber security agency CERT-In also issued a red alert in connection with the latest ransomware attack and warning users not to pay the ransom. And so RSA has listed out some of the Dos and Don’ts to follow while the attacks are upon us. ALSO READ: Andhra Pradesh’s police departments affected by ‘WannaCry’ ransomware
RSA recommends that if your windows devices have not been infected by the ransomware yet, patch it now to prevent future infection. Further, users must disable the SMBv1 protocol if not using it. Users must test and make sure their backup and recovery strategies/solution is working and is not impacted by the ransomware. Additionally, it is important to detect and find out which machines have been infected and how bad is the spread of the infection. If your machines have been infected and you need help, contact the local CERT in your country. ALSO READ: WannaCry ransomware: CERT-In explains measures to prevent infection, how to tackle the aftermath