WannaCry ransomware attack: Your ATMs is safe, Don’t listen to rumours
Bank ATMs across India might escape the WannaCry worm global attack that locks computers and demands a ransom, cyber security experts said on Monday.
At least 80% of Indian ATMs operate on Windows XP and uses a firmware that limits the machine’s activities to bare basics such as dispensing cash on request and checking the account balance.
Other activities are blacklisted, preventing a ransomware from attacking an ATM.
Speculation swirled in India over the safety of ATMs after WannaCry crippled more than 200,000 computer systems across 150 countries since Friday.
India’s cyber security agency alerted Internet users against the worm that locks down files of an infected computer and asks the user to pay a ransom of $300 in Bitcoin virtual currency to unlock the system.
The worm takes advantage of a Windows vulnerability that Microsoft released a security patch for in March and computers that hadn’t updated were still at risk.
WannaCry has struck banks, hospitals, government agencies across the globe.
Experts cautioned that this is high time for banks to update the software used in ATMs.
“Most ATMs in India use white-listing services to eliminate threats from malwares and worms within their internal networks. WannaCry doesn’t look like something that will affect the ATMs, unlike personal or corporate endpoints,” said Saket Modi, the CEO and co-founder of Lucideus.
Lucideus is an IT risk assessment and digital security services provider.
The fear of losing money and crucial banking data is palpable as hackers last October attacked a server linked to Indian ATMs and corrupted more than 3 million cards issued by 19 banks.
The attack was on one of the companies that provide the ATM switch — a payment transfer engine that allows the cash dispensing machine’s software to connect to interbank networks.
PRECAUTIONS YOU CAN TAKE
- Apply the patches to the Windows systems recommended by Microsoft Security Bulletin MS17-010.
- Maintain updated antivirus software.
- Keep and regularly update an offline database of important files. Ideally, backups of data should be maintained on separate devices.
- Organisations connecting to the Internet through Enterprise Edge or perimeter network devices [UDP 137, 138 and TCP 139, 445] should block their SMB ports or disable SMBv1.
- Users and administrators of older Windows systems such as Windows XP, Vista, Server 2008, and Server 2003 should get an update to a newer version.
Most switches are in remote locations, not at the ATM. A bank branch that has an ATM is likely to manage its own switch, but the rest may be maintained by agencies such as Hitachi.
To ensure safety against any breach, the IT ministry has reached out to key stakeholders such as the RBI, National Payments Corporation of India, NIC and Aadhaar-provider UIDAI to protect the digital payment systems against WannaCry.
“The RBI has directed banks to update the Microsoft patch on Friday after news of the ransomware. This helped India’s banking system to insulate against potential threats,” said Sivarama Krishnan, the partner and leader of cyber security at PwC India.
Source: Indian Express
Tags: WannaCry, Ransomware, ransomeware attack, Cyber Security, India, RBI, Bit Coins, Sivarama Krishnan, Bank ATMs, WannaCry worm global attack, Windows vulnerability, Microsoft Security Bulletin MS17-010, UDP 137, 138, TCP 139, 445, Hitachihttps://thebeepingbell.com/wannacry-ransomware-attack-your-atms-is-safe-dont-listen-to-rumours/https://thebeepingbell.com/wp-content/uploads/2017/05/wannacry-ransomware.pnghttps://thebeepingbell.com/wp-content/uploads/2017/05/wannacry-ransomware-150x150.pngBusinessNewsBank ATMs across India might escape the WannaCry worm global attack that locks computers and demands a ransom, cyber security experts said on Monday. At least 80% of Indian ATMs operate on Windows XP and uses a firmware that limits the machine’s activities to bare basics such as dispensing cash...Rajat PandeyRajat Pandeyrajatrexton.email@example.comAdministratorThe Beeping Bell