The wanna cry ransom attack- one of the largest ever cyber attacks that struck targets ranging from Russia’s banks to British hospitals and a French carmaker’s factories.Wanna cry or Wanna decrypt is a ransomware that particularly affects Microsoft’s Windows operating System.When a system is infected, a pop-up window appears, prompting that the owner of the computer has to pay (through Bitcoin only) to recover all of his files present in the computer within three days, with a countdown timer.
The Chief research officer of Helsinki- based cyber security company, Mr. Mikko Hypponen, said that particularly Russia and India were hit hard because the older versions of Windows are mostly used in this countries and lack of maintenance of patch. According to initial calculations performed soon after the ransomware struck on Friday night, around 5% of all computers affected in the attack was in India.
National cyber Security Adviser in the PMO(Prime Minister’s office), Gulshan Rai, referring the malware attack in the Andhra Pradesh Police cyber attack said that about 100 systems were attacked and better impact assessment would be possible only on Monday when offices open.Pradipto Chakraborty, Regional director, CompTIA India(CompTIA is a global not profit IT industry trade body) said that the police system was impacted which may be due to poor patch maintenance and using older Microsoft operating system.
The more worrying thing about the cyber attacks in India is, about 70% of ATMs (Automated Teller Machine) works on Windows XP which is an easy prey for the cyber attacker. Recently Microsoft took the unusual step of releasing free software patches for older, unsupported windows system like XP.
According to data accessed from The Indian Computer Emergency Response Team(ICERT or CERT-In) in the past few month, nearly 11,000 networks in India have been victims of probing and scanning by hackers. They also advised the users in India to upgrade their systems to the latest Windows patch level.
Although Microsoft released a security patch for the flaw earlier this year but many systems has not been updated yet. Some global cyber security community working independently to find out a solution to this malware attack and the hunt was on for the culprits behind the assaults.
Recently, a cyber security researcher tweeted that he accidentally discovered a kill switch that can stop the spread of that ransomware for now. According to the researcher, when he began to analyzing a sample of the malware he noticed that its code included a hidden unregistered web address. So, after registering the web address he stopped the spreading of that malware. Also, he added that people need to update their systems ASAP as soon as possible, but the crisis is not over yet because they can always change the code and try again.
As of now, ultimately the situation is that- no one can give confidence in this regards. It requires a lot of IT intelligence, strong software security and strong government decision.
