India issues do’s and don’ts to fight back cyber attack

New Delhi: India’s cyber security agency Computer Emergency Response Team of India (CERT-In) has asked users in the country not to pay ransom if hit by ransomware WannaCry which has impacted 2 lakh people in over 150 countries.

The countries, including India, were hit by what is believed to be the biggest-ever recorded cyberattack on Friday with investigators looking for those behind the hack that affected systems at banks, hospitals and government agencies globally, media reports said

“Individuals or organisations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and law enforcement agencies,” said CERT-In in a red-coloured “critical alert”.

It has advised  users and organisations to  apply patches to their Microsoft operating system Windows to prevent getting infected by the attack.

The threat was “escalating” as cyber experts warned that another attack was imminent by Monday.

The hackers are believed to have used “cyber weapons” stolen from the US’ National Security Agency to lock up computers and hold users’ files for ransom

CERT-In warned that Wannacry is spreading widely. “Wannacry encrypts the files on infected Windows systems,” said the CERT-In alert.

WannaCry or WannaCrypt encrypts the computer’s hard disk drive and then spreads laterally between computers on the same LAN, it said. It also spreads through malicious attachments to e-mails.

The virus displays messages demanding a payment of 300 dollars in virtual currency Bitcoin to unlock files and return them to the user.

CERT-In has advised users to maintain updated antivirus software on all systems and check regularly for the integrity of the information stored in the databases.

“Regularly check the contents of backup files of databases for any unauthorised encrypted contents of data records or external elements, (backdoors /malicious scripts),” it said.

CERT-In advised users to keep the operating system third-party applications (MS office, browsers, browser Plugins) up to date with the latest patches.

“Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline,” it said.

It asked users not to open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign.

“In cases of genuine URLs close out the e-mail and go to the organisation’s website directly through browser,” it said.

CERT-In asked users to follow safe practices when browsing the web and ensure the web browsers are secured enough with appropriate content controls. “Restrict users’ abilities (permissions) to install and run unwanted software applications. Enable personal firewalls on workstations.” It advised organisations to implement strict External Device (USB drive) usage policy.

An Indian-origin doctor based in London had warned against the cyber-hack of the NHS just days before it crippled the country’s network.