GET Stock QuotesNews18 APP
News18 English
cricketnext
»
4-min read

Panchayat Office in Kerala's Wayanad District Hit by 'WannaCry' Ransomware

Authorities in the panchayat office claim they saw a message on their computer screen which stated that their files had been encrypted and that they would have to pay up to recover them.

Neethu Reghukumar | CNN-News18

Updated:May 15, 2017, 2:17 PM IST
facebookTwittergoogleskypewhatsapp
Panchayat Office in Kerala's Wayanad District Hit by 'WannaCry' Ransomware
Image for Representative purpose (Image: Reuters)

Wayanad: The worldwide cyberattack of WannaCry ransomware affected four computers in a panchayat office in Thariyode of Wayanad district.

Authorities in the panchayat office claim they saw a message on their computer screen which stated that their files had been encrypted and that they would have to pay up to recover them.

The message warned that if the payment wasn’t done within three days, then the price would be doubled. The message stated that seven days was the total time given for the payment, supposed to be done through bitcoins, failing which, the files would be deleted.

“On Friday evening, the officers present felt there was some virus as the systems were getting slow. Since it was time to leave, the officers shut down the system and thought they would check it on Monday. Today when they came to office, they saw the message. The systems have details related to property tax and panchayat accounts,” said a panchayat office official.

Nodal officer of Kerala Police Cyberdome, IG Manoj Abraham said, “Looking at the message we think it is a ransomware attack. We have sent our team to confirm the same. The four computers were networked, so they are already affected."

Earlier, India’s cyber security agency has alerted Internet users against damaging activities of a strong and globally active ransomware virus- 'WannaCry'- that critically infects work stations and locks them remotely.

On Sunday evening, the Maharashtra Police department said it was partially hit by the ransomware.

"Cyber experts have been engaged to fix the systems," a senior police officer said.

The red-coloured 'critical alert' was issued by the Computer Emergency Response Team of India (CERT-In), the nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

"It has been reported that a new ransomware named as WannaCry is spreading widely. WannaCry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of server message block (SMB) in Windows systems.

This exploit is named as ETERNALBLUE," an advisory issued by the CERT-In, accessed by PTI, said.

It said the ransomware called 'WannaCry' or 'WannaCrypt' encrypts the computer's hard disk drive and then spreads laterally between computers on the same local area network (LAN).

"The ransomware also spreads through malicious attachments to emails," it said.

A huge extortion cyberattack had hit dozens of nations on Saturday, holding computer data for ransom at hospitals, telecommunications firms and other companies.

ALSO READ: Indian-origin Doctor Had Warned Against Cyber Attack on UK Hospitals

Following the alert, the Gujarat government began equipping its state computer systems with anti-virus softwares and upgrading its Microsoft operating systems.

Computers linked to the Gujarat State Wide Area Network (GSWAN), one of country's largest IP-based IT infrastructure connecting taluka-level government offices to the state capital with around 45,000 computers, are being monitored closely, said Science and Technology Department Secretary Dhananjay Dwivedi.

A cyber ransomware is a type of malicious software that blocks access to a computer system until a sum of money is paid through the online medium.

The cyber sleuths agency advised users to apply patches to their Windows systems in order to prevent its infection and spread.

The ransomware virus is such lethal and smart that "it also drops a file named '!Please Read Me!.txt' which contains the text explaining what has happened (to the computer) and how to pay the ransom."

ALSO READ: Next Global Cyber-attack Likely on Monday, Warn Experts

'WannaCry' encrypts files with the following extensions, appending. WCRY to the end of the file name like .lay6, .sqlite3, .sqlitedb, .accdb, .java and .docx among others.

The CERT-In has suggested some anti-ransonware measures: Check regularly for the integrity of the information stored in the databases, regularly check the contents of backup files of databases for any unauthorised encrypted contents of data records, do not open attachments in unsolicited emails even if they come from people in your contact list and never click on a URL contained in an unsolicited email, even if the link seems benign.

In cases of genuine (universal resource locators) URLs, close out the email and go to the organisation's website directly through browser," it said.

The most important advisory by the CERT-In stated "individuals or organisations are not encouraged to pay the ransom as this does not guarantee files will be released.

"Report such instances of fraud to CERT-In and law enforcement agencies," it said.

(With inputs from PTI)

Read full article
Next Story
facebookTwittergoogleskypewhatsapp

Live TV