Banks Asked To Update ATM Software To Prevent ‘WannaCry’ Cyberattack
New Delhi: The Reserve Bank of India has asked banks to follow the instructions of the Indian Computer Emergency Response Team (CERT-In), a government organisation, to prevent attack by ransomware ‘WannaCry’ which has impacted various IT networks in over 150 countries. CERT-In has come out with a list of dos and don’ts and webcast on how to protect networks from the global ransomware attack.
It has been reported that a new ransomware ‘WannaCry’ is spreading widely, the RBI advisory to the banks said.
Wannacry encrypts the files on infected Windows system and spreads by exploiting vulnerabilities, it said.
The RBI also asked all banks to put in place a software update at ATMs to prevent their systems from a malware that has attacked payment systems across the world.
In a separate malware attack last year, 3.2 lakh debit cards were compromised in the country. Data of the users who transacted from ATM machines of Hitachi were compromised during May, June and July last year. The Hitachi ATMs deployed by many White Label ATM players and Yes Bank were impacted by the malware.
According to reports, ATMs or automated teller machines are highly vulnerable to such malware attacks as they currently run on old version of Microsoft’s Windows operating system, making a software security patch update a necessary exercise.
There are a total of 2.2 lakh ATMs in India, of which many old ones run on Windows XP.
Over the weekend, the ransomware has hit systems in more than 150 countries, including Russia and the UK, in one of the most widespread cyber attacks in history. It infected computers running on older versions of Microsoft operating systems like XP, locking access to files on the computer.
The cyber criminals have demanded a fee of about $300 in crypto-currencies like Bitcoin for unlocking the device.
Microsoft has introduced a security patch to tackle the situation, and consumers across the globe have been advised to download the solution at the earliest.
CERT-In on Monday said it has not received any formal report of cyber attack on India’s vital networks by the crippling global ransomware, ‘WannaCry’.
The Ministry of Electronics and Information Technology (MeitY) had said on Sunday that a few systems of the Police Department in Andhra Pradesh were impacted and that the state government has been informed to follow the advisory by the CERT-In.
Besides, the Maharashtra Police department said it was partially hit by the ransomware.
Following the alert, the Gujarat government began equipping its state computer systems with anti-virus software and upgrading its Microsoft operating systems.
As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails. Security firms have suggested that users immediately disconnect the infected device from the local network to contain the spread of infection.
In Spain, major companies including telecommunications firm Telefonica have been infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to computers.
[“source-ndtv”]