New Delhi: The virus may be back today as offices log back in after the weekend. Security experts warn that attackers can easily modify the malware, making it tougher to shut down.
The countrys cyber security agency Computer Emergency Response Team of India (CERT-In) has issued a red-coloured critical alert in connection with the WannaCry attack, and warned users to not pay the ransom.
The ransomware worm that stopped car factories, hospitals, shops and schools over the weekend worldwide, with Asia having escaped the worst so far, could wreak fresh havoc on Monday when employees log back on, cyber security experts warned.
Individuals or organisations are not encouraged to pay the ransom as this does not guarantee files will be released. Report such instances of fraud to CERT-In and law enforcement agencies, CERT-In said.
The spread of the virus WannaCry, which locked up more than 100,000 computers, had slowed on Sunday, but new versions of the worm were expected even while the world was yet to take stock of the extent of damage from Fridays attack.
Marin Ivezic, cyber security partner at PwC, said some clients had been working around the clock since the story broke to restore systems and install software updates or restore systems from back-ups.
Microsoft released patches last month and on Friday to fix a vulnerability that allowed the worm to spread across networks.
Code for exploiting that bug, known as Eternal Blue, was released on the internet in March by a hacking group known as the Shadow Brokers.
The group claimed it was stolen from a repository of National Security Agency hacking tools. The agency has not responded to requests for comment.
The US cyber security researcher who helped halt the WannaCry attack, Darien Huss, said on Sunday that it wouldnt be difficult for those responsible to re-release it or for others to mimic it and this time it would not be reined in.
This particular attack was relatively easy to shut down, agreed Bryce Boland, Asia Pacific chief technology officer for FireEye, a cyber security firm.
Some of the worlds largest institutions and government agencies have been affected so far, including the Russian interior ministry, FedEx in the US and Britains National Health Service.
Other major hits included automaker Renault and its arm Dacia, the Nissan plant in northeast England, German rail operator Deutsche Bahn, Spains telecom giant Telefonica, Portugal Telecom and Telefonica Argentina, and a hospital in Jakarta that cautioned of big queues on Monday when about 500 people were due to register.
Cyber security company Symantec predicted infections so far would cost tens of millions of dollars, mostly from cleaning corporate networks.
Be Part of Quality Journalism
Quality journalism takes a lot of time, money and hard work to produce and despite all the hardships we still do it. Our reporters and editors are working overtime in Kashmir and beyond to cover what you care about, break big stories, and expose injustices that can change lives. Today more people are reading Kashmir Observer than ever, but only a handful are paying while advertising revenues are falling fast.