WannaCry: CERT-In issues alert against global ransomware attack

It said the malware was targeting commonly used file extensions like .ppt (PowerPoint), .doc and .docx (Word), .xlsx (Excel), and image file extensions such as .tiff, .raw, among others.

WannaCry, ransomware, Windows ransomware, Global Cyber attack, Cyber attack on many countries, Cyber attack on Countries, cyber attack, Economy news, indian express

A new ransomware named “Wannacry” is spreading globally that encrypts files on the infected Windows PCs. (File Photo)

The Indian Computer Emergency Response Team (CERT-In) issued an advisory on Saturday with regard to the Wannacry, or Wannacrypt, ransomware, which has affected computers in around 100 countries, including India. “The ransomware called WannaCrypt or WannaCry encrypts the computer’s hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails,” CERT-In said in its advisory.

A ransomware is a malicious software (malware), which actually holds the affected party to ransom and in this case, Wannacry encrypts the victim’s files, and asks them to pay a minimum of $300 equivalent in bitcoins to decrypt them.

In order to prevent the infection, CERT-In has advised users and organisations to apply the relevant patches to Windows systems as mentioned in the Microsoft Security Bulletin MS17-010. It added that the malware was targeting commonly used office file extensions such as .ppt (PowerPoint), .doc and .docx (Word), .xlsx (Excel), and image file extensions such as .tiff, .raw, among various other common file types for archiving, emails, databases, etc.

As part of its best practices to prevent ransomware attacks, CERT-In has advised users and organisations to maintain an updated antivirus software, regularly check for integrity of the information stored on databases, to not open attachments in unsolicited e-mails, restrict users’ ability to install and run unwanted software applications, among various others.

CERT-In added: “Individuals or organisations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and law enforcement agencies”.

According to media reports in the US, the ransomware attack was first reported from Sweden, the UK, and France, with a number of antivirus and security software companies raising red flags over the issue since then.

Security software firm Avast reported an increase in the malware’s activity on Friday, and said that it had “quickly escalated into a massive spreading”. Researchers at Kaspersky, Labs recorded over 45,000 attacks in 99 countries, including Russia, Ukraine, India, China, Italy, and Egypt.

Story continues below this ad

According to various reports, globally, large firms such as Spain’s telecom operator Telefonica, and logistics company FedEx have been affected by the cyber attack. In a statement, FedEx said: “Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware. We are implementing remediation steps as quickly as possible.”

Closer home, as per agency reports, some of Andhra Pradesh police’s Windows-based computers at 18 of its police units in Chittoor, Krishna, Guntur, Visakhatpatnam and Srikakulam districts have also been affected. In a blog post on Friday, Microsoft said: “Today, many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, like the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking possible actions to protect our customers.”

Tags:
WannaCry