: CERT-In issues warning, cybersecurity firm Trend Micro says no incidence reported by Indian customers

In the wake of Locky Ransomware attack and the India's Computer Emergency Response Team (CERT) issuing alert across the country, cybersecurity firm Trend Micro has stated that there are no incidence reported by Trend Micro’s customers in India at present.

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of online gaming and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the cybersecurity  threats themselves.

In the wake of and the India’s Computer Emergency Response Team (CERT) issuing alert across the country, firm has stated that there are no incidence reported by ’s customers in India at present. Company said that the ransomware is not likely to be on the scale of Wannacry and Petya ransomware, which relies on Microsoft vulnerability in Windows XP. The Japanese firm has also provided precautionary measures on how to stop the Lukitus variant of Locky ransomware from spreading.

“So far, there haven’t been any cases of Locky ransomware reported by our customers in India or across geographies, but we are getting enquiries from customers and Trend Micro’s support team is helping out in resolving them. For addressing this malware, Trend Micro has its protection in place with suspicious and bad URLs being blocked. There are technologies wherein such embedded macros and file scripts can be detected and deleted,” said Sharda Tickoo, Technical Head, Trend Micro India.

Pointing out the differences between other ransomware, she added, “Wannacry and Petya ransomware looks for Microsoft vulnerability to exploit and spread. There were only few machines with Microsoft vulnerability in Windows XP and hence the damage was huge. In this case, it is not exploiting any vulnerability, but what it uses is a Visual Basic (VB) / JavaScript encrypts in a document and the chances of this malware getting evaded are high.”

On September 3, a warning issued by India’s Computer Emergency Response Team (CERT) on its website said that over 23 million messages and emails have been sent with the ransomware attachment. The spam, CERT stated had common subjects like ‘please print’, ‘documents’, ‘photo’, ‘Images’, ‘scans’ and ‘pictures’. But the subject may vary when it is an instance of phishing.

CERT has advised users to refrain from clicking any suspicious file and back up important data and files should be taken using removable and external devices. It has also curated a list of domains to avoid.

“Since this particular malware arrives through email compressed attachment and through hidden Visual Basic (VB) / JavaScript, we have to ensure that email as a channel is widely protected. We are trying to build a ransomware strategy with two best practices – first is to start with fortifying email defense mechanisms and second is to delete the VB or Java Script if it is not used in machines. There are certain secure configurations which are unnecessary and not running, should be blocked. This particular malware has a tendency of self deletion. It deletes itself with no traces left, once the payload is executed. It encrypts local drives and network shares. The basic hygiene is to try and avoid open network share and to make sure it is password protected,” she said.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles