WannaCry Ransomware: Most ATMs in India vulnerable, RBI asks banks to update software

WannaCry Ransomware: Most ATMs in India vulnerable, RBI asks banks to update software
A majority of ATMs in India run on the older version of Windows which is most vulnerable (representational)

The Reserve Bank of India (RBI) has asked banks to follow the instructions of government organisation CERT-In, like updating the software running on their ATMs, to prevent the attack by ransomware, ‘WannaCry’.

Termed as one of the largest and most crippling global cyberattacks of our time, the ransomware is believed to have infected well over two lakh systems across 150 countries.

Indian Computer Emergency Response Team (CERT-In) has come out with list of dos and don’ts and webcast on how to protect networks from the global ransomware attack.

It has been reported that a new ransomware ‘WannaCry’ is spreading widely, RBI advisory to the banks said. Wannacry encrypts the files on infected Windows system and spreads by exploiting vulnerabilities, it said.

The RBI also asked all banks to put in place a software update at ATMs to prevent their systems from a malware that has attacked payment systems across the world.

WannaCry Ransomware: Most ATMs in India vulnerable, RBI asks banks to update software 2
Wannacry ransomware displays following screen on the infected systems

According to reports, Automated Teller Machines (ATMs) are highly vulnerable to such malware attacks as they presently run on old version of Microsoft’s Windows operating system, making a software security patch update a necessary exercise.

The RBI has therefore asked banks and ATM vendors to install a software patch, which fixes the vulnerability, and test the system before allowing customers to use machines.

In India alone, there are a total of 2.2 lakh ATMs, of which an estimated 60 to 70 percent run on the outdated Windows XP.

Meanwhile, ATM operators have claimed that there is no threat to customer information or money as the ransomware only tries to block access to critical data. Incidentally, no data is stored in the physical machine.

Over the weekend, the ransomware has hit systems in more than 150 countries, including Russia and the UK, in one of the most widespread cyber attacks in history.

The cyber criminals have demanded a fee of about USD 300 (approximately Rs 19,000) in crypto-currencies like Bitcoin for unlocking the device. However, there is no confirmation on whether the access is restored after the amount is paid.

WannaCry Ransomware: Most ATMs in India vulnerable, RBI asks banks to update software 1
After infection, the user is displayed the instructions for unlocking data via a text file

Microsoft has introduced a security patch to tackle the situation, and consumers across the globe have been advised to download the solution at the earliest.

CERT-In today said it has not received any formal report of cyber attack on India’s vital networks by the crippling global ransomware, ‘WannaCry’.

The Ministry of Electronics and Information Technology (MeitY) had said yesterday that a few systems of the Police Department in Andhra Pradesh were impacted and that the state government has been informed to follow the advisory by the CERT-In.

Besides, the Maharashtra Police department said it was partially hit by the ransomware.

Following the alert, the Gujarat government began equipping its state computer systems with anti-virus softwares and upgrading its Microsoft operating systems.

As per the advisory issued by CERT-In, the ransomware infects other computers on the same network and is also spreading through malicious attachments to e-mails.

Security firms have suggested that users immediately disconnect the infected device from the local network to contain the spread of infection.

In Spain, major companies including telecommunications firm Telefonica have been infected. The most disruptive attacks were reported in the UK, where hospitals and clinics were forced to turn away patients after losing access to computers.

Back to latest news