The Indian government's Computer Emergency Response Team (CERT-in) has warned individuals and organizations about the WannaCry ransomware, which proliferated worldwide over the weekend. CERT-in, which rushed to act before the workweek began, issued an advisory to individuals and organizations, and also held a fifteen-minute online briefing this morning, which you can watch here. The IT Ministry has also alerted key organizations like the RBI and the National Payments Corporation of India to safeguard themselves from the attack, so that the country's digital payments ecosystem isn't affected. (Nikhil adds: Do listen to this great Freakonomics podcast which goes into the details of a ransomware attack on a mother-daughter.) CERT-in's full advisory It has been reported that a new ransomware named as "Wannacry" is spreading widely. Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named as ETERNALBLUE. The ransomware called WannaCrypt or WannaCry encrypts the computer's hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails. In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010. https://technet.microsoft.com/library/security/MS17-010 After infecting, this Wannacry ransomware displays following screen on infected system: It also drops a file named !Please Read Me!.txt which contains the text explaining what has happened and how to pay the ransom. WannaCry encrypts files with the following extensions, appending .WCRY to the end…
