WannaCry: Some banks shut ATMs, government says no major impact of ransomware attack in India

As part of precautionary measures, banks in India did not operate some ATMs running on old software in view of threat from ransomware 'WannaCry'.

The Reserve Bank of India has asked banks to follow the instructions of government organisation CERT-In on ransomware, which has impacted various IT networks in over 150 countries.

Indian Computer Emergency Response Team (CERT-In) has come out with a list of dos and dont's and webcast on how to protect networks from the global ransomware attack.

Most automated teller machines (ATMs) were running fine, there could be some which may not have updated Microsoft's Windows operating system, sources said.

Such ATMs could be prone to attack so as precautionary measure banks running such ATMs refrained from feeding cash, sources added.

However, there was no official information from the RBI in this connection till late evening.

There are a total of 2.2 lakh ATMs in India, of which few may be running on old Windows XP.

In a separate malware attack last year, 3.2 lakh debit cards were compromised in the country.

Data of the users who transacted from ATM machines of Hitachi were compromised during three months of May, June and July last year.

The Hitachi ATMs deployed by many White Label ATM players and Yes Bank were impacted by the malware.

Indian computer systems largely escaped a global ransomware attack as the government and companies installed security patches to gain an upper hand against the first wave of an unrivalled global cyber-attack.

Over two lakh computers in at least 150 countries are said to have been infected, according to Europol, the European Union's law enforcement agency. In India, only a few isolated incidents in Kerala, Andhra Pradesh and Tamil Nadu were reported.

National Informatics Centre, which manages government websites, and the Centre for Development of Advanced Computing installed security patches issued by Microsoft to immunise their Windows systems.

Also, guidelines were issued to enable large IT networks to tackle the threat.

"There is no major impact in India unlike other countries. We are keeping a close watch. As per the information received so far, there have been isolated incidents in limited areas in Kerala and Andhra Pradesh," Information and Technology Minister Ravi Shankar Prasad told reporters.

He said a cyber coordination centre will start operating from next month to take precautions against such attacks. India's cyber security unit CERT-In said it has received formal reports of just five "incidents" across locations like Delhi and Tamil Nadu.

"It is nothing major, but we are still watching. The next couple of days, we will be on alert on this," Indian Computer Emergency Response Team (CERT-In), director general, Sanjay Bahl told PTI.

India is on high alert, monitoring critical networks across sectors like banking, telecom, power and aviation to ensure that systems are protected against the attack that has claimed victims in more than 150 countries over the weekend.

The Reserve Bank of India (RBI) asked banks to follow the instructions issued by CERT-In to prevent the attack. A few ATMs running on old Microsoft Operating System remained non-operational as part of precautionary measures.

CERT-In has issued list of dos and don'ts and webcast on how to protect networks from the global ransomware attack.

India Inc has also been on the vigil against 'WannaCry', which has claimed victims in over 150 countries like Spanish telecom firm Telefonica, US' logistics major FedEx and Russia's interior ministry.

Auto maker Nissan, which saw its systems being impacted globally, said the Renault-Nissan alliance plant in Chennai came under attack but its India team has responded and there is no major impact on business.

"Normal production operations are underway at our RNAIPL plant in Chennai," Nissan India said in an emailed statement. Indian IT companies like Infosys and Wipro are also monitoring their systems and taking necessary precautions to ensure business continuity for their clients.

"The Indian IT industry should be better placed than others (in handling the situation). We have not come across any significant impact yet," Nasscom President, R Chandrasekhar said.

Hackers possibly used techniques stolen from the US National Security Agency to encrypt files within affected computers, making them inaccessible, and demanded USD 300 ransom.

"WannaCry is just the tip of the iceberg and organisations need to re-assess the security programme and strengthen detection, prevention and response capabilities to counter such attacks," Deloitte Touche Tohmatsu India Partner Shree Parthasarathy said.

GSTN, the company set up to provide the IT infrastructure for GST rollout, will not be impacted by the WannaCry ransomware attack as its systems do not run on Microsoft software, its CEO Prakash Kumar said.

Meanwhile, IT Secretary Aruna Sundararajan said the IT Ministry along with CERT-In is closely monitoring the situation and reiterated that no large-scale incidents were reported in public and private sectors.

Report by various security solutions firms over the weekend had claimed that India is amongst the countries worst affected by the 'WannaCry' outbreak, accounting for about five per cent of the attacks.

(PTI)