If access to some State government websites has been blocked or has only partial access, blame it on the WannaCry ransomware bug scare that has infected several hundreds of systems around the world.
As the scare is big, the e-Governance Department has shut several government websites that had been given direct IP access or has temporarily closed some access to certain sites till the “patching” is completed. Microsoft, on Friday, released patches to close vulnerabilities that allowed the bug to access networks.
The State Data Centre and several publicly accessed websites are safe and the ransomware attack has not affected them, sources in the e-Governance Department said. After the Microsoft notification, some of the ports in the data centre that were believed to be vulnerable have been addressed. “Till now, we do not have information of our systems being compromised because of the attack,” a senior official said.
Sources in the department told The Hindu that the patching work to set right the ports that were vulnerable commenced on Friday evening itself. The Indian Computer Emergency Response Team in the Union Ministry of Electronics and Information Technology had also issued “critical alert” to respective State governments by providing guidelines to be followed to prevent the ransomware attack, sources said.
According to an official in e-Governance Department, officials in the data centre worked on Saturday and Sunday too to fix the patches and protect the ports from any possible attack from ransomware. “Even on Monday, application of patches continued,” the official said, adding that they were following guidelines issued in Microsoft Security Bulletin MS 17-010.
Meanwhile, individual departments that operate their own systems have been asked to update anti-virus software and close vulnerabilities, if any. “I updated the anti-virus software and implemented firewalls to prevent attacks as soon as we heard about it. However, there could be many departments where awareness is low among the officials. Systems in these departments could be vulnerable in future if they survived ransomware,” a senior official said.
Banks on alert
Some banks started distributing Microsoft patches to their branches to guard their systems, many of which run on outdated software. An official at Canara Bank said: “Anti-ransomware software has been enabled since we received the information. All e-mails, both incoming and outgoing, are blocked for now.”
An official from State Bank of India said that after the first attack was reported on Friday, they started upgrading the security software and installing a stronger firewall in the systems. An official from Vijaya Bank, which is headquartered in Bengaluru, also said that they have started distributing the patch MS-17-010 from Microsoft to all its branches.
Some banks even advised employees not to connect any external devices to the systems.
While many residents were unaware of the attacks, there were a few who rushed to withdraw money after rumours about ATM shutdown circulated. In the Indian Overseas Bank ATM, a person on the condition of anonymity said: “I happened to see the news in the morning. I have come to withdraw cash in case the ATM’s shut down and I run out of money.”
Private hospitals take precautions
Private hospitals in the city are on high alert following the ransomware attack, although none of them have been affected. Worried about losing their patient records, most hospitals are updating the virus-related patches. Some others are taking precautions to keep a back-up of their patient records.
‘Don’t open anonymous e-mails’
Several organisations, including banks, hospitals and some government agencies, have informed their employees not to open mails, especially with attachments unless they are from known people. “We have asked our doctors and other staff not to open any mails, especially with attachments. Our IT department is on the job to ensure our patient records are not hit,” said Sudarshan Ballal, Chairman of Manipal Hospitals. Banks also advised customers not to click on anonymous e-mails besides asking their employees to be wary of such mails.
The government’s Treasury Department has also asked its district employees not to send important documents on e-mails, while the Forest Department has asked its employees to be careful while using Internet.
