Ransomware is a form of malicious software that locks up the files on your computer, encrypts them, and demands that you pay to get your files back. Wanna Decryptor, or WannaCry, is a form of ransomware that affects Microsoft’s Windows operating system. When a system is infected, a pop up window appears, prompting you to pay to recover all your files within three days, with a countdown timer on the left of the window. It adds that if you fail to pay within that time, the fee will be doubled, and if you don’t pay within seven days, you will lose the files forever. Payment is accepted only with Bitcoin.
How does it spread?
According to the US Computer Emergency Readiness Team (USCRT), under the Department of Homeland Security, ransomware spreads easily when it encounters unpatched or outdated software. Experts say that WannaCry is spread by an internet worm -- software that spread
Who has it affected so far?
It was first reported from Sweden, Britain and France, but Russia and Taiwan are said to be the worst hit, according to US media. Over 75,000 systems have been affected. Major companies that have reported attacks are FedEx, Telefonica and National Health Service (UK).
80% of Indian ATMs operate on Windows XP and uses a firmware that limits the machine’s activities to basics such as dispensing cash and checking the balance. Other activities are blacklisted, which prevent a ransomware from attacking an ATM.
Updated: May 16, 2017 10:28 IST
By Suchetana Ray, Hindustan Times, New Delhi
PRECAUTIONS YOU CAN TAKE
Apply the patches to the Windows systems recommended by Microsoft Security Bulletin MS17-010.
Maintain updated antivirus software.
Keep and regularly update an offline database of important files. Ideally, backups of data should be maintained on separate devices.
Organisations connecting to the Internet through Enterprise Edge or perimeter network devices [UDP 137, 138 and TCP 139, 445] should block their SMB ports or disable SMBv1.
Users and administrators of older Windows systems such as Windows XP, Vista, Server 2008, and Server 2003 should get an update to a newer version.
Bank ATMs across India might escape the WannaCry worm global attack that locks computers and demands a ransom, cyber security experts said on Monday.
At least 80% of Indian ATMs operate on Windows XP and uses a firmware that limits the machine’s activities to bare basics such as dispensing cash on request and checking the account balance.
Other activities are blacklisted, preventing a ransomware from attacking an ATM.
Speculation swirled in India over the safety of ATMs after WannaCry crippled more than 200,000 computer systems across 150 countries since Friday.
India’s cyber security agency alerted Internet users against the worm that locks down files of an infected computer and asks the user to pay a ransom of $300 in Bitcoin virtual currency to unlock the system.
The worm takes advantage of a Windows vulnerability that Microsoft released a security patch for in March and computers that hadn’t updated were still at risk.
WannaCry has struck banks, hospitals, government agencies across the globe.
Experts cautioned that this is high time for banks to update the software used in ATMs.
“Most ATMs in India use white-listing services to eliminate threats from malwares and worms within their internal networks. WannaCry doesn’t look like something that will affect the ATMs, unlike personal or corporate endpoints,” said Saket Modi, the CEO and co-founder of Lucideus.
Lucideus is an IT risk assessment and digital security services provider.
The fear of losing money and crucial banking data is palpable as hackers last October attacked a server linked to Indian ATMs and corrupted more than 3 million cards issued by 19 banks.
The attack was on one of the companies that provide the ATM switch — a payment transfer engine that allows the cash dispensing machine’s software to connect to interbank networks.
Most switches are in remote locations, not at the ATM. A bank branch that has an ATM is likely to manage its own switch, but the rest may be maintained by agencies such as Hitachi.
To ensure safety against any breach, the IT ministry has reached out to key stakeholders such as the RBI, National Payments Corporation of India, NIC and Aadhaar-provider UIDAI to protect the digital payment systems against WannaCry.
No comments:
Post a Comment