ransomware virus Important Press note By Cyber Crime Branch Ahmedabad
The country’s cyber security agency has alerted Internet users against damaging activities of a strong and globally active ransomware virus- ‘Wannacry’- that critically infects work stations and locks them remotely.
A red-coloured ‘critical alert’ has been issued by the Computer Emergency Response Team of India (CERT-In), the nodal agency to combat hacking, phishing and to fortify security- related defences of the Indian Internet domain.
“It has been reported that a new ransomware named as Wannacry is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of server message block (SMB) in Windows systems.
‘WannaCry’ encrypts files with the following extensions, appending .WCRY to the end of the file name like .lay6, .sqlite3, .sqlitedb, .accdb, .java and .docx among others.
The CERT-In has suggested some anti-ransonware measures:
Check regularly for the integrity of the information stored in the databases, regularly check the contents of backup files of databases for any unauthorised encrypted contents of data records, do not open attachments in unsolicited emails even if they come from people in your contact list and never click on a URL contained in an unsolicited email, even if the link seems benign.
“In cases of genuine (universal resource locators) URLs, close out the email and go to the organisation’s website directly through browser,” it said.
The most important advisory by the CERT-In stated “individuals or organisations are not encouraged to pay the ransom as this does not guarantee files will be released.
“Report such instances of fraud to CERT-In and law enforcement agencies,” it said.