16/05/2017
PUNE: City police have issued an advisory on computer users, especially
institutions and organisations, about preventing cyber threats like the
ransomware WannaCry, which has created havoc across 150 countries. Though cyber
crime cell of Pune city police has not received any case related to this
current threat, a total of 15 cases of ransomware attacks have been recorded
since January 2016.
In an additional advisory
issued, the cyber crime cell has said that the individuals should keep their anti-virus
systems updated and systems like Windows Defender and Windows Firewall should
be kept on. On the organisational level, it has been advised that anti-spoofing
tools should be kept on and email filtering mechanisms should be used for
company network-based emails.
During last week, WannaCry
ransomware, a type of malicious software, has infected over 2.3 lakh systems in
150 countries, including India, Germany, Russia and the United Kingdom, in one
of the biggest cyber attacks in history. The ransomware has mainly affected the
computers running on older versions of Microsoft operating systems. It blocks
the user access to files on the computer and cyber criminals then demand a fee
of about $300 in encrypted online currency like Bitcoin for giving back the
access to the user. The Microsoft has introduced a security patch to deal with
the attack and the users across the world have been advised to update their
systems with the patch.
Inspector Radhika Phadke of
the cyber crime cell of city police said, “Till now, we have not received any
specific case of the ransomware WannaCry, which is currently affecting the
systems all over. But we have recorded such cases in the past – four this year
and 11 last year. For Pune’s citizens, we have issued the advisory on the basis
of what the National Informatics Centre (NIC) has said on the issue. We will
also be putting up the Marathi version soon for the benefit of all citizens.
The advisory talks of the concept of the ransomware, ways to prevent the attack
and mitigating an attack.”
The advisory posted on the
official Twitter and Facebook accounts of
Pune city police points out that the malware is mainly delivered through emails
and locks up the valuable data. “The hackers check the victims’ social media
accounts, and create fake email address pretending to be a friend or contact to
get them to click on the attachment. Health, education, social sector are highly
targeted because of misconfigured security systems.”
Listing out the steps to
prevent an attack, the advisory says, “Do not click links from unknown sources
and without establishing authenticity of link even from the known sources.
Prepare an up-to-date inventory of all ‘digital assets’ at various locations
being used by various functionaries of the organisation. Make a trustworthy
knowledgeable employee, Administrator of the Digital Assets (ADA). Let ADA keep
system softwares up-to-date, including operating systems and applications. ADA
has to ensure the back-up of all digital content located in the ADA
jurisdiction everyday. Back-up has to be distributed. Mandate security auditing
by the auditors empaneled by the Indian Computer Emergency Response Team
(ICERT) for digital assets. Strictly avoid the usage of unregistered and
unmonitored devices.”
The advisory also talks about
the response after a system has fallen prey to the attack. “Remove the infected
machines from the network so the ransomware does not use the machine to spread
in the network. Report the attack and register all information and facilitate
the investigation. Let one authorised spokesperson of the entire department
communicate with the media.”
In the attacks that Pune city police have recorded in the past, mostly organisations, and in some cases individuals, have been targeted. In all the cases, the users had clicked malicious links received from email, a police officer said.
0 comments:
Post a Comment