The cyber security agency Computer Emergency Response Team of India (CERT-In) has issued a red-coloured ‘critical alert’ in connection with the WannaCry attack and warned users to not pay the ransom.
Ransomware attacks that seized computers worldwide held those systems hostage are likely to worsen this week as millions of people return to work, security analysts said.
With much of the world still reeling from the digital breach that prevented people from receiving hospital care, a second wave of “the biggest ransomware attack ever” could be more disastrous
“They’re going to turn on their computers in the morning and find out if they were protected or not,” said James Barnett, a security expert.
The software, which first affected Britain’s National Health Service before spreading to as many as 150 countries, locked down victims’ computers and threatened to delete their files unless they paid $300. Primarily targeted users were Windows XP and Microsoft.
Damage from Friday’s attack was contained by the efforts of a 22-year-old security researcher. The researcher discovered that the unnamed attackers had accidentally included a “kill switch” in their software that would allow the owner of a particular website to stop the attack. By paying about $10 to acquire the domain name, the researcher was able to retreat the malware.
But that victory could be short-lived, experts said, because of the software, known as WannaCry or Wanna Decryption, is likely to be modified soon and continue its spread in a slightly different form.
For IT workers and security researchers, the episode highlights the challenge of fighting an ever-mutating enemy whose motives are not clear
The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world.