The biggest ransomware attack, Wanna Cry, that has hit the cyber space across multiple countries including India recently, has prompted the National Informatics Centre (NIC) to issue a detailed advisory asking all government bodies to immediately prepare an up-to-date inventory of all ''digital assets'' at various locations and facilities used by various functionaries of the organisations. NIC is the apex government body that steers e-governance applications at the central, state and district level in the country.
The NIC has said that such digital assets need a ''back up'' immediately so that it can restore encrypted data in case of a ransomware attack. It has particularly warned the health, education and social sectors saying that these three are high on the target list of the hacker attacks, owing to their ''antiquated or mis-figured security systems and the amount of sensitive data they hold.''
The two-page advisory explains that the attack involves malware delivered through spear phishing emails that lock up valuable data assets and demand a ransom to release them. The NIC has listed an 11 point list of do's and don't where it has clearly stated that any ransomware attack needs to be reported to enable the government to launch a prompt investigation.
"If every bit of data of the organisation is safeguarded and back up is kept secretly, even if hackers attack and demand ransom, government can launch an investigation rather than making a payment,'' it said.
The NIC has also said that a trustworthy knowledgeable functionary, preferably a permanent government employee, should be made the administrator of the digital assets of the organisation at each location, who can then keep all the software, especially the system software, including operating systems and applications up-to-date. The NIC is also roping in all these officials to help them train their staff on cyber security practices, like emphasising on not opening attachments or links from unknown sources and undertaking regular security audits for all the digitial assets as mandated by the government policy.
Explaining the various modus operandi of the cyber attackers, the advisory said that social media platforms were highly vulnerable. "Hackers now check a victim's social media account and create a fake email address pretending to be a friend or contact in order to get them to click on an infected link of attachment,'' it said.
The attack in the cyber space is also keeping the financial sector on its toes as digitial monetary transactions have come under threat. Amid reports that banks have shut down some ATMs following the ransomware attack, the Union home ministry has swung into action seeking reports from the state police agencies on reports of complaints and cases registered by them in this regard. Sources in the ministry said that those reports were awaited and the MHA was working in close coordination with the ministry of finance and other institutions particularly to monitor the ''digital assets'' in far flung areas where they are most vulnerable.
The officials concede that the systems are not fool-proof which is an area of concern for the government. MHA sources said that finance ministry and other agencies were directing shutting down of vulnerable systems, if any, even as a close watch was being kept on the developing situation.
