Ransomware cyber-attack

Posted by The Open Page | 17th May 2017

Ransomware - a malicious program that locks a computer's files until a ransom is paid.
A cyber-attack that has hit 150 countries since Friday, 12th May, 2017 should be treated by governments around the world as a “wake-up call” (A thing that alerts people to an unsatisfactory situation and prompts them to remedy it.), Microsoft says. 
It blamed governments for storing data on software vulnerabilities which could then be accessed by hackers. It says the latest virus exploits a flaw in Microsoft Windows identified by, and stolen from, US intelligence. There are fears of more “ransomware” attacks.
Many firms have had experts working over the weekend to prevent new infections. The virus took control of users’ files and demanded $300 (Rs. 19221.00 Indian Rupee) or other payments, payments to restore access. The spread of the virus slowed over the weekend but the respite might only be brief, experts have said. 
Reported Issue :More than 200,000 computers have been affected so far. But on Monday 15th May 2017  South Korea said just nine cases of ransomware had been found, giving no further details. Australian officials said so far only three small-to-medium sized businesses had reported being locked out of their systems while New Zealand’s ministry of business said a small number of unconfirmed incidents were being investigated. In Japan, both Nissan and Hitachi reported some units had been affected, while in China energy giant PetroChina said that at some petrol stations customers had been unable to use its payment system.
The government of India said, “ There was no serious impact in the country due to a global ransomware cyber attack, except for a few isolated incidents in Kerala and Andhra Pradesh.”

IT Minister Ravi Shankar Prasad said the systems run by the National Informatics Centre were secured and running smoothly. “There is no major impact in India unlike other countries. We are keeping a close watch. As per the information received so far, there have been isolated incidents in limited areas in Kerala and Andhra Pradesh,”
In the Gujarat Some of the Government Network is duely slow responses as well as  Not repsonding in the right way. There are “ G-Swan, E-GUJCOP and Some of the ATM. The Government is issue the notification for the Bank to Update ATM’s Software and also close the all ATMS Till the New Software is updated. 
The organisation also said that many organisations had failed to keep their systems up to date, allowing the virus to spread. Microsoft said it had released a Windows security update in March to tackle the problem involved in the latest attack, but many users were yet to run it. “As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Mr Smith said. 
•Why weren't people protected?
In March, Microsoft issued a free patch for the weakness that has been exploited by the ransomware. WannaCry seems to be built to exploit a bug found by the US National Security Agency.
When details of the bug were leaked, many security researchers predicted it would lead to the creation of self-starting ransomware worms. It may, then, have taken only a couple of months for malicious hackers to make good on that prediction.
It was originally thought that a number of victims were using Windows XP, a very old version of the Windows operating system that is no longer supported by Microsoft.
However, according to cyber-security expert Alan Woodward, from Surrey University, the latest statistics suggest this figure is actually very small.
Large organisations have to test that security patches issued by the provider of their operating systems will not interfere with the running of their networks before they are applied, which can delay them being installed quickly.
•Who was behind the attack?
It's not yet known, but some experts are saying that it was not particularly sophisticated malware. The "kill switch" that stopped it spreading - accidentally discovered by a security researcher - may have been intended to stop the malware working if captured and put in what's called a sandbox - a safe place where security experts put computer malware to watch what they do - but not applied properly.
Ransomware has been a firm favourite of cyber-thieves for some time as it lets them profit quickly from an infection. They can cash out easily thanks to the use of the Bitcoin virtual currency, which is difficult to trace.
However it's unusual for an expert criminal gang to use so few Bitcoin wallets to collect their ransom demands - as in this case - as the more wallets there are, the more difficult the gang is to trace.
Harsh Soni

Read Full Post »