The two back to back ransomware attacks (Wannacry and Petya) will surely bring the required focus on Cybersecurity but at the same time, will also instill fear of the unknown in the minds of millions of Indians who have to put their business transactions online after GST comes into force in a few days.
According to the Internet and Mobile Association of India (IAMAI), today, there is a need like never before for everyone to join hands and tide over this present situation. According to the association, there is a need to co-relate this as a pre-pandemic interval where the need is to develop capacity and plan response planning activities in terms of precautions and act fast to minimise the damages.
Petya, unlike Wannacry, encrypts the Master Boot File, or simply called the Index of the Hard Disk, leaving it unreadable. The remaining demand for ransom is similar to any ransomware.
Although targeted towards large companies or Government Infrastructure networks which cannot afford any break in operations, the virus in itself does not distinguish if a computer belongs to an individual or a large corporation.
Hence, IAMAI urges all involved in online business to secure themselves by taking four precautions listed below immediately:
· Activate and update your Antivirus daily or two times a day in the present circumstances.
· Look before you click: The route remains the same, through your email, SMSs and online messages. Do confirm the reliability of the source before clicking. In case of doubt, a simple internet search on the link text will also help.
· Believe in back-ups: It takes only few clicks at the end of the day but that may save you a fortune or big headache when the malware strikes.
· Check and apply system updates as and when they are available.
IAMAI has recently setup “IAMAI Cyber Security Council” which will act as a common platform for all Cyber / Information security Companies, represent industry players and help resolve various industry level issues and barriers which require discussion and action.
The goals of this council include promoting awareness about cyber security among start-ups, SMES, enterprise segments of the industry and working closely with the Government bodies, departments, institutions at a national and state level on cyber security policy matters, developing best practices, standards and frameworks and also capacity building in cyber forensics by standardisation, training and certification of individuals and professionals.
The Council also aims to promote cyber security training at scale to fulfill the gap between supply and demand for future.