Ransomware stings Odisha's hospital computers, govt on toes

Attack affects e-medicine services and payment to ASHA workers

Odisha became the victim of WannaCry ransomware which attacked the Berhampur City Hospital's information management system affecting e-medicine services and payment to ASHA workers.

The state government has confirmed the attack from the malware. Odisha is the latest entrant to the list of states that have been attacked by ransomware. The sting of Wannacry has kept the state government officials on toes.

Chandra Sarathi Behera, minister for electronics & information technology after reviewing the incident despatched a technical team to the spot to examine the issue. The team comprises officials from International Institute of Information Technology (IIIT)-Bhubaneswar, Odisha Computer Application Center and National Informatics Centre.

Sources, said the hacker has allegedly demanded $300 to restore the access to the hospital's system. The essential data of the hospital's email id is also believed to be hacked.

"The medical authorities were reportedly using Windows 7 which was not updated. We are awaiting for the report to confirm whether it was pirated or not", said Behera.

To protect the computers from the malware, the state government also held discussions with the district collectors via video conferencing today. Besides, toll-free numbers will be set up to create awareness on the virus and provide suggestions.

There are reports that computers at Purusottampur hospital are also affected by the malware Wannacry that has infected lakhs of systems in around 150 nations, holding computer data to ransom at hospitals, telecommunication companies and other agencies.

The Odisha government has already issued a 20-point advisory for its departments and for general users to safeguard their cyber space.

The advisories include keeping anti-virus software up to date on all systems, installing security patches update to Windows System as mentioned in Microsoft Security Bulletin MS17, disable macros in Microsoft Office products.

It also asked to disable remote desktop connections, employ least privileged accounts, ensure use of pop-up blockers and ad-blockers in browsers for better security and removal of "mssecsvc.exe" and "tasksche.exe", if found in the Windows Directory.