Maharashtra government offices in a few places were affected by the WannaCry ransomware, which has infected hundreds of thousands of computers in about 150 countries since Friday. The ransomware infected a few computers, including those in the Nagpur police department and a few other district-level field offices, officials said. They added that said no sensitive data was compromised and that the malware did not breach the government’s cyber defences as the infected computers were standalone machines.
Meanwhile, the government announced it would prepare a cyber-security policy in three months to avert any such future attacks.
Officials said the government reacted swiftly to the ransomware attack, issuing several of advisories to field offices across the state. The information technology department held several meetings over past three days and systems were being monitored closely, officials said.
Despite this, computers in the police department at Nagpur and few other field offices were infected with WannaCry, a type of malicious software (malware) that blocks access to a computer system until money is paid. Officials said the infected computers were standalone systems, not connected to the internet or the government’s intranet (internal network).
“There are reports that some computers in Nagpur were infected. We have asked the offices for details. Computers outside the government’s intranet are not monitored by the information technology department and are always at risk of such an attack. The system that controls 5,280 computers in Mantralaya is safe,” said Vijay Kumar Gautam, principal secretary, information technology department.
Gautam said last year’s ‘Locky’ ransomeware attack helped the government avert an attack this time. “After that attack we found that at least 2,000 computers in Mantralaya had no antivirus. We blocked all private email providers to prevent further attacks. We monitor our employees’ compliance with protocol closely and take action against those who try to access blocked sites using dongles,” he added.
The government said its new cyber security policy would be introduced in August and would, among other things, bring all computers in state government offices under the statewide area network (SWAN) the government’s internal network.
“The policy will cover security at the data level, network level and storage level; issues related to last-mile deskstop security; and the role of people who host data centres. It will also cover legal issues related to IT protocols that are currently dealt with under the Information Technology Act. It will also allow us to bring all computers in government offices under the state-wide network,” Gautam said.