No incident of Locky ransomware reported in India at present: Trend Micro

As per Trend Micro, the ransomware is not likely to be on the scale of Wannacry and Petya ransomware, which relies on Microsoft vulnerability in Windows XP.

    In the wake of Locky Ransomware attack and the Government of India issuing alert across the country, Trend Micro Incorporated, a premier provider of cyber security solutions, has stated that there are no incidences being reported in India at present.

    Trend Micro suggests steps to be safe from Locky ransomware

     

    As per Trend Micro, the ransomware is not likely to be on the scale of Wannacry and Petya ransomware, which relies on Microsoft vulnerability in Windows XP. Trend Micro has also provided precautionary measures on how to stop the Lukitus variant of Locky ransomware from spreading.

    Ms. Sharda Tickoo, Technical Head, Trend Micro India said, "So far, there haven't been any cases of Locky ransomware reported in India or across geographies, but we are getting inquiries from customers and Trend Micro's support team is helping out in resolving them. For addressing this malware, Trend Micro has its protection in place with suspicious and bad URLs being blocked. There are technologies wherein such embedded macros and file scripts can be detected and deleted."

    Pointing out the differences between other ransomware, she added, "Wannacry and Petya
    ransomware looks for Microsoft vulnerability to exploit and spread. There were only a few machines with Microsoft vulnerability in Windows XP and hence the damage was huge. In this case, it is not exploiting any vulnerability, but what it uses is a Visual Basic (VB) / JavaScript encrypts in a document and the chances of this malware getting evaded are high."

    On the dos and don'ts, she further added, "Since this particular malware arrives through email compressed attachment and through hidden Visual Basic (VB) / JavaScript, we have to ensure that email as a channel is widely protected. We are trying to build a ransomware strategy with two best practices - first is to start with fortifying email defense mechanisms and second is to delete the VB or Java Script if it is not used in machines."

     

    "There are certain secure configurations which are unnecessary and not running, should be blocked. This particular malware has a tendency of self-deletion. It deletes itself with no traces left, once the payload is executed. It encrypts local drives and network shares. The basic hygiene is to try and avoid open network share and to make sure it is password protected," she said.

    Read More About: ransomware computers internet news
    Opinion Poll
    X

    Stay updated with latest technology news & gadget reviews - Gizbot

    We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more