Advisory for implementing mitigating controls against Wormable Ransomware Featured
As you would be aware, a self-propagating ransomware (WannaCry) outbreak has disrupted several organizations globally. We hope the IT systems implemented at your end are safe and secure against this and such threats, and the required mitigating steps would have been taken in this regards by your organization.
Towards the same, kindly refer the enclosed advisory issued by the Reserve Bank of India, Cyber Security and Information Technology Examination (CSITE) cell on May 13, 2017 vide advisory no. 8/2017. The advisory refers to an Indian Computer Emergency Response Team (CERT-In) issued advisory CIAD20170024 dated May 13, 2017, which elaborates the details about the subjected ransomware and the recommended preventive measures. The advisory also refers the CERT-In vulnerability note CIVN20170032 issued on March 15, 2017. This note details the Microsoft vulnerability which is getting exploited by this ransomware. Enclosed herewith are all the above mentioned three advisory notes for your reference and required action.
Some of the key mitigation steps which we would recommend implementing on priority are enumerated below:
- Apply patches to Windows systems (servers as well as end user computers) as mentioned in Microsoft Security Bulletin MS17-010
- Maintain an updated antivirus software on all systems
- Update signatures/rules at Intrusion Detection System/Intrusion Prevention System and Security Incident and Event Management (SIEM) to ensure detection and prevention of malicious traffic
- Educate users about safe web browsing practices and email usage
- Implement strict external device (USB drive, CD etc.) usage policy
The same has also been published on the Cyber Swachhta Kendra website: http://www.cyberswachhtakendra.gov.in/alerts/wannacry_ransomware.html
- Advisory No. 8 - Ransom ware - High Alert (145 Downloads)
- CERT-In Advisory_wannacrypt_ransomware (92 Downloads)
- CERT-In Vulnerability Note CIVN-2017-0032_15March2017 (70 Downloads)
Latest from BankCircle
- Decoding GST Registration Number
- Essential GST Hacks for Every Tax-paying Indian
- HDFC Reach Home Loans | Home Loan without Income Proof | Home loan without ITR | Housing Loan without ITR
- Pradhan Mantri Awas Yojana (PMAY) - Credit Linked Subsidy Scheme ( CLSS)
- Goods and Services Tax (GST) rate structure finalised, majority of items in 12% and 18% tax slabs
Leave a comment
Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.