Follow CERT-In instructions on WannaCry: RBI to banks

CERT-In has listed out dos and don'ts and webcast on how to protect networks from ransomware attack.

Update: 2017-05-15 10:35 GMT
Reserve Bank of India

New Delhi: RBI has asked banks to follow the instructions of government organisation CERT-In to prevent the attack by ransomware, 'WannaCry', which has impacted various IT networks in over 150 countries.

Indian Computer Emergency Response Team (CERT-In) has come out with list of dos and don'ts and webcast on how to protect networks from the global ransomware attack. It has been reported that a new ransomware 'WannaCry' is spreading widely, RBI advisory to the banks said.

Wannacry encrypts the files on infected Windows system and spreads by exploiting vulnerabilities, it said. The Reserve Bank of India (RBI) also asked all banks to put in place a software update at ATMs to prevent their systems from a malware that has attacked payment systems across the world.

In a separate malware attack last year, 3.2 lakh debit card were compromised in the country. Data of the users who transacted from ATM machines of Hitachi were compromised during three months of May, June and July last year. The
Hitachi ATMs deployed by many White Label ATM players and Yes Bank were impacted by the malware.

According to reports Automated Teller Machines (ATMs) are highly vulnerable to such malware attacks as they presently run on old version of Microsoft's Windows operating system, making a software security patch update a necessary exercise.

There are a total of 2.2 lakh ATMs in India, of which many old ones run on Windows XP. Over the weekend, the ransomware has hit systems in more
than 150 countries, including Russia and the UK, in one of the most widespread cyber attacks in history. It infected computers running on older versions of Microsoft operating systems like XP, locking access to files on the computer.

The cyber criminals have demanded a fee of about USD 300 in crypto-currencies like Bitcoin for unlocking the device. Microsoft has introduced a security patch to tackle the situation, and consumers across the globe have been advised to download the solution at the earliest.

CERT-In today said it has not received any formal report of cyber attack on India's vital networks by the crippling global ransomware, 'WannaCry'. The Ministry of Electronics and Information Technology (MeitY) had said yesterday that a few systems of the Police Department in Andhra Pradesh were impacted and that the state government has been informed to follow the advisory by the CERT-In.

Besides, the Maharashtra Police department said it was partially hit by the ransomware. Following the alert, the Gujarat government began equipping its state computer systems with anti-virus softwares and upgrading its Microsoft operating systems.

As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails. Security firms have suggested that users immediately disconnect the
infected device from the local network to contain the spread of infection.

In Spain, major companies including telecommunications firm Telefonica have been infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to
computers.

Tags:    

Similar News