Ransomware: WannaCry to attack Indian banking system soon, says cyber expert

New Delhi: Despite downplay of rasomware WannaCry's impact by the Centre, IT experts have cautioned users that the number of effected organizations may rise rapidly. "There are so many states that have been affected. The first thing that they are not doing is checking what systems have been affected," Subhamangala, Cyber Security expert told ANI. Experts are suspecting that the next wave of attacks will be subjected to the banking sector. "Our banks may be affected in a couple of hours. We are expecting it and have informed the banks, since most of our ATMs run on the windows operating system which is the operating system effected by WannaCry," Subhamangala added. Experts have warned organizations, businesses and other sectors to take required precautions and update their systems. "India needs an in-depth, defensive approach to tackle threats of cyberattack threats such as ransomware. What this implies is a multi-level approach to cybersecurity that can protect systems at different layers – both at technical and physical levels," said Krishnashree Achuthan, Director, Center for Cybersecurity Systems and Networks at Amrita University. "India must become self-reliant in developing indigenous, world-class software and systems that must be adequately validated and hardened through secure development techniques," she said. WannaCry, the ransomware cyber attack that has affected computers worldwide has made its way to India, affecting states like West Bengal, Andhra Pradesh, Telangana, and Kerala. The cyber attack has been deemed as the biggest in history even as IT specialists suggest that the cyber criminals responsible have not made much monetary benefits. According to reports, on Monday, the Government of India had activated a "preparedness and response mechanism" to prevent any major cyber attack from a new ransomware -- "WannaCry" -- which has infected computer systems around the world. According to the Ministry of Electronics and Information Technology (MeitY), it had activated a "preparedness and response mechanism" by instructing CERT-IN (Computer Emergency Response Team) to gather "all the information of the reported ransomware". Recently, a global cyber attack was launched using the "WannaCry" ransomware and the malicious software infected computers and restricted users' access to it until a ransom is paid to unlock it. CERT-IN, on May 13, had issued an advisory for both reactive and preventive actions to deal with the ransomware. "MeitY has initiated contact with relevant stakeholders in public and private sector to 'patch' their systems as prescribed in the advisory issued by CERT-IN. MeitY has also requested Microsoft India to inform all their partners and customers to apply relevant patches," the ministry had said in a statement. "In India, no reports have been formally received so far regarding this ransomware attack. However, it is understood that a few systems of the police department in Andhra Pradesh were impacted. MeitY has informed AP government, to follow the CERT-In advisory." Ransomware spreads by using a vulnerability in implementations of "Server Message Block" (SMB) in Windows systems, said the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). (With inputs from agencies)