Ransomware attack contained: State

The Bengal government on Tuesday said it has been able to "contain" the ransomware attack, a day after a section of computers (around 1 lakh) of the state's power distributor were hit by the global malware.

The immediate step to prevent any such attack in future that might bring functioning of a department even to a standstill was taken a day after the dangerous ransomeware — WannaCry — encrypted files in computers in four offices of West Bengal State Electricity Distribution Company Ltd (WBSEDCL) at Belda, Datan, Keshiyari and Narayangarh in West Midnapore demanding $300 in bitcoins.

Top brass of the state government held a meeting at the state Secretariat, Nabanna, on Tuesday morning. The meeting was headed by Chief Secretary Basudeb Bandyopadhyay, Home Secretary Malay De, Director General of Police Surajit Kar Purakayastha, ADG (Law and Order) Anuj Sharma and ADG (CID) Rajesh Kumar. Cyber experts were also present in the meeting.

Sources added that it was decided in the meeting to prepare a guideline that each and every office of all the departments of the state government has to follow to avoid any such attack in future.

Besides creating the guideline, the officials in state government offices, who mainly operate computers, will also be informed that all versions of Windows apart from Windows 10 are vulnerable to the attack of WannaCry if not patched for MS-17-010. Once the files in a computer system are encrypted, a pop-up arrives on the screen showing a countdown and instructions on how to pay in bitcoins to decrypt the files. Thus, directions will be given to all the departments to ensure that computer systems are updated on a regular basis. It has been suggested to update versions of Windows as and when required.

Since the ransomeware spreads through malicious e-mail attachments, the officials will also be asked to not to click on links and download malicious files over Internet and e-mail.

At the same time, the police are also keeping a close watch. The state is in constant touch with the Centre in this regard.

The Kolkata Municipal Corporation (KMC) has also alerted all its officials in this connection and issued a circular stating several do's and dont's to avoid encryption of files by WannaCry. In the circular, officials have been asked only to use the network of the civic body, not to use USB modems to get Internet access in computers in KMC offices and to avoid using external storage devices or connecting mobile phones through data cables.