In the wake of global ransomware attack that has affected over 100 countries, the Ministry of Electronics and Information Technology (MeitY) has reached out to key stakeholders like RBI, National Payments Corporation of India, NIC and UIDAI (Aadhaar) to advise them to protect their systems against 'Wanna Cry' ransomware to ensure that the digital payments ecosystem in the country is protected.
The ministry has also asked cyber security unit CERT-In to gather more information on the ransomware that crippled computer networks across the globe in one of the worst cyber-attacks to have hit the world.
Though there haven't been any formal reports so far related to the ransomware attack, MeitY said a few systems of the Police Department in Andhra Pradesh were impacted and that the state government has been informed to follow the advisory by the Indian Computer Emergency Response Team (CERT-In).
"MeitY is keeping a close watch on the developments on the ransomware and is working in close coordination with all relevant agencies," it said in a statement.
A global cyber attack apparently based on stolen US National Security Agency’s surveillance tools engulfed over 100 countries on Friday affecting tens of thousands of machines worldwide, that included Spanish telecommunications giant Telefónica, operations at the Russian Interior Ministry, and Britain’s National Health Services (NHS), where hospitals were disrupted and medical procedures were stalled.
Hackers exploited a known vulnerability in Microsoft Windows to lock scores of computers and demand a ransom of $300 worth of bitcoin, a digital currency that is difficult to track, to restore access.
The IT ministry has also reached out to the Department of Telecom (DoT) to alert Internet service providers (ISPs) to secure their networks as well as the Data Security Council of India (DSCI) and CDAC to ensure that users across the country, especially those in the private sector, are cautioned about the ransomware.
The Ministry has also been in touch with Microsoft India, urging it to inform all its partners and customers to use the relevant patches of the security solution. According to CERT-In, the ransomware spreads by infecting other computers that work on the same network and also through malware in e-mail attachments. To stop its spread, therefore, security firms have suggested that users disconnect the infected device from the local network.