Four computers in a panchayat office in Kerala’s Wayanad district were on Monday found to be infected with a virus that cyber police suspect to be “WannaCry”, a ransomware virus that has shut down computer systems across the world and affected a range of services. Similarly, computers of the West Bengal State Electricity Distribution Company have been affected by a similar virus at four locations in West Midnapore district, ANI reported.
Authorities in the Kerala panchayat office said they saw a message on their computer screen which said their data had been encrypted and would be returned only on payment, News18 reported. “On Friday evening, the officers present felt there was some virus as the systems were getting slow. Since it was time to leave, the officers shut down the system and thought they would check it on Monday. When they came to office after the weekend, they saw the message. The systems have details related to property tax and panchayat accounts,” the report quoted a panchayat office staff member as saying.
“We think it is a ransomware attack. We have sent our team to confirm the same. The four computers were networked, so they are affected,” IG Manoj Abraham, nodal officer of Kerala Police Cyberdome, said.
The Computer Emergency Response Team of India on Monday warned internet users against falling prey to an international ransomware virus known as “WannaCry” and issued a “critical alert”. The malware disrupts the functioning of Windows workstations and blocks access to files on a computer until a ransom is paid online through bitcoins.
“It has been reported that a new ransomware named as WannaCry is spreading widely,” the advisory read, identifying the virus as “ETERNALBLUE”. “WannaCry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of server message block.”
The virus encrypts the computer’s hard disk drive and then spreads the bug across systems in the same local area network. It also spreads through malicious attachments to emails.
The major cyber attack had targeted several nations, bringing operations at hospitals, telecommunications firms and other companies to a halt. CERT has suggested using patches in users’ Windows systems to prevent the bug from spreading. The ransomware also “drops a file named ‘!Please Read Me!.txt’ that contains the text explaining what has happened [to the computer] and how to pay the ransom”.
The agency has warned against opening attachments from unsolicited emails, even if the sender appears to be from your contact list. It has also advised against opening URLs in unsolicited emails.
Moreover, Microsoft, whose Windows XP systems were hit by the attack, has said that the violation should serve as a “wake-up call” to governments to report vulnerabilities instead of stockpiling or exploiting them. The breach affected around two lakh people in over 150 countries. The IT giant has launched an upgrade that addresses the loophole, but a majority of users have yet to install it. In his blogpost, Microsoft President and Chief Legal Officer Brad Smith said cyber security has become a shared responsibility between technology companies and customers.
The first casualty of these global cyber attacks was the National Health Service in the UK. The cyber attack had led to chaos in some places, with appointments being cancelled, patients being turned away and phone lines getting disrupted.
A few Spanish companies were soon affected by the security breach, including telecom company Telefonica. Reports poured in from Portugal, Russia, Ukraine and Taiwan, as well. The US was the least affected by the cyber crime, though the systems of shipping firm FedEx were hit.