Ranchi, May 15: The state chapter of National Informatics Centre (NIC), which handles several key IT-allied projects for the Jharkhand government, on Monday asked all its district wings to gauge the vulnerability of computers still using the obsolete Windows XP operating system in the wake of a global cyber attack that has hit 150 countries, including India.
WannaCry is a ransomware programme that began targeting the old Microsoft OS since Friday. It has infected more than 230,000 computers, demanding ransom payments in the cryptocurrency bitcoin. The cyber attack is spreading through multiple methods, including phishing emails and on unpatched (insecure) systems as a computer worm. The attack has been described by Europol as “unprecedented” in scale.
The attack has affected several large companies in Spain, the National Health Service (NHS) in Britain and, closer home, the computer system of Maharashtra police, according to agency reports.
Jharkhand, like most parts of the country, is at high risk because many government and private offices as well as individual citizens still use the archaic Windows XP, which Microsoft has stopped supporting. These institutions have not upgraded to the new Windows system, which has a patch that guards against malware.
“We have sent advisories to all the 24 districts to prevent using Port 445 (an archaic gateway to use OS) for accessing computers or Internet services. More than network devices, which are usually protected, the attack is exploiting computers still using Windows XP. Though the NIC does not use the old system, there are high chances other government offices do,” said S.K. Mahakaul, senior technical director at NIC, Jharkhand.
Vineet Kumar, founder of Cyber Peace Foundation in Ranchi and former chief technical officer of Jharkhand police’s Cyber Defence Research Centre, said the ransomware had the potential to produce multiple strains in the future. The Foundation, which is currently working on the e-kavach project – funded jointly by the Indian and British governments – in 10 states including Jharkhand, issued dos and don’ts for computer users.
“All workstations/servers must immediately install a security patchfor older versions of Microsoft’s Windows, including the XP, provided they are not pirated OS. Antivirus signatures should be updated on all assets, email gateways should be equipped with relevant updates to detect phishing, proxy server solutions should have updated database, old logs must be checked to detect risks, and backup files must be created and stored in an external device or on Cloud,” Vineet suggested.
The advisories assume extra significance because state government websites have been vulnerable in the past.
In September last year, two youths were arrested from Hazaribagh for hacking into the food and civil supplies site, which links ration cards with Aadhaar numbers.
In 2015, chief minister Raghubar Das’s Facebook page was hacked and spammed with pornographic content. The same year, the disaster management department’s website was intruded by “Bangladesh Gray Hat Hackers”, which was the message displayed on the hacked web page.
Vineet said Jharkhand was very prone to cyber attack owing to rampant use of pirated software and database applications.
“During our surveys, we realised that several organisations seldom conduct vulnerability tests and take precautions. We have installed sensors to detect cyber attacks. On an average, 17,000 virus attacks have taken place daily on Jharkhand’s systems in the past week. These were engineered from Germany, Russia, China, France, Mexico, the Netherlands and Sweden,” he added.
An officer at the cyber police station in Ranchi said malware threats could be better tackled only if the Cyber Defence Research Centre functioned properly.
“Currently, the cyber thana deals with only Facebook stalking, email hacking or financial frauds. It lacks expertise for research and development,” he added.
State IT director U.P. Sah conceded Jharkhand’s cyber challenges, but stressed that the government was working on a proposal to set up a centre on the lines of the national Computer Emergency Response Team (CERT).
“We have tied up with CDAC (Centre for Development of Advanced Computing) for the purpose of having a centralised complaint desk, which can also monitor software and hardware assets regularly and take preventive measures. The centre (CDAC) has submitted a proposal, which will incur Rs 100 crore in five years,” Sah said