Tuesday, May 16, 2017

Pune Police issue advisory on ransomware


PUNE: City police have issued an advisory on computer users, especially institutions and organisations, about preventing cyber threats like the ransomware WannaCry, which has created havoc across 150 countries. Though cyber crime cell of Pune city police has not received any case related to this current threat, a total of 15 cases of ransomware attacks have been recorded since January 2016.

In an additional advisory issued, the cyber crime cell has said that the individuals should keep their anti-virus systems updated and systems like Windows Defender and Windows Firewall should be kept on. On the organisational level, it has been advised that anti-spoofing tools should be kept on and email filtering mechanisms should be used for company network-based emails.

During last week, WannaCry ransomware, a type of malicious software, has infected over 2.3 lakh systems in 150 countries, including India, Germany, Russia and the United Kingdom, in one of the biggest cyber attacks in history. The ransomware has mainly affected the computers running on older versions of Microsoft operating systems. It blocks the user access to files on the computer and cyber criminals then demand a fee of about $300 in encrypted online currency like Bitcoin for giving back the access to the user. The Microsoft has introduced a security patch to deal with the attack and the users across the world have been advised to update their systems with the patch.

Inspector Radhika Phadke of the cyber crime cell of city police said, “Till now, we have not received any specific case of the ransomware WannaCry, which is currently affecting the systems all over. But we have recorded such cases in the past – four this year and 11 last year. For Pune’s citizens, we have issued the advisory on the basis of what the National Informatics Centre (NIC) has said on the issue. We will also be putting up the Marathi version soon for the benefit of all citizens. The advisory talks of the concept of the ransomware, ways to prevent the attack and mitigating an attack.”

The advisory posted on the official Twitter and Facebook accounts of Pune city police points out that the malware is mainly delivered through emails and locks up the valuable data. “The hackers check the victims’ social media accounts, and create fake email address pretending to be a friend or contact to get them to click on the attachment. Health, education, social sector are highly targeted because of misconfigured security systems.”

Listing out the steps to prevent an attack, the advisory says, “Do not click links from unknown sources and without establishing authenticity of link even from the known sources. Prepare an up-to-date inventory of all ‘digital assets’ at various locations being used by various functionaries of the organisation. Make a trustworthy knowledgeable employee, Administrator of the Digital Assets (ADA). Let ADA keep system softwares up-to-date, including operating systems and applications. ADA has to ensure the back-up of all digital content located in the ADA jurisdiction everyday. Back-up has to be distributed. Mandate security auditing by the auditors empaneled by the Indian Computer Emergency Response Team (ICERT) for digital assets. Strictly avoid the usage of unregistered and unmonitored devices.”

The advisory also talks about the response after a system has fallen prey to the attack. “Remove the infected machines from the network so the ransomware does not use the machine to spread in the network. Report the attack and register all information and facilitate the investigation. Let one authorised spokesperson of the entire department communicate with the media.”

In the attacks that Pune city police have recorded in the past, mostly organisations, and in some cases individuals, have been targeted. In all the cases, the users had clicked malicious links received from email, a police officer said.


Post a Comment