CDSCO cautions employees against ransomware attack, sensitive data encryption
New Delhi: The Central Drugs Standard Control Organization (CDSCO) has informed employees that the computer systems installed in CDSCO and the laboratories under its control are under high risk due to different types of VIRUS available over the Internet, which can crash or delete all the official data in computer systems.
Furthermore, CDSCO has issued a high-level alert stating, "It may also be noteworthy that the downloading of unnecessary files in some systems as well as the use of harmful applications may cause serious damage to the data of computer systems of CDSCO and laboratories under its control."
"Recently, we have come across a Ransomware (hoop virus) attack due to which sensitive data has got encrypted" the CDSCO warned in a circular.
In addition, the circular stated that CDSCO has consulted with the Indian Computer Emergency Response Team (CERT-IN), which is part of the Ministry of Electronics and Information Technology, to address such issues.
In light of the above, CERT-IN has apprised CDSCO about common causes of data breaches/data leaks and best practises for individual users to safeguard against data breaches.
As per the CERT-IN, the circular included best practises for individual users to safeguard themselves from data breaches.:-
i. Use strong and unique passwords for all the online accounts. Use a password manager programme. Use different passwords for different online accounts.
ii. Enable two-factor authentication wherever available.
iii. Regularly update all the software on computers, smart phones and other devices. Install a reputed anti-virus solution on systems, keep it updated and configure it to run scans periodically.
iv. Be vary of clicking links received in unsolicited SMS messages or emails. Do not open email attachments from unknown senders. Limit the sharing of personal information on public online forums.
v. While making online payments, ensure that the merchant website as well as the payment gateway websites are running on HTTPS and have a valid certificate (usually shown as a "green lock" symbol near the address bar in most browsers).
vi. Do not share personal information, OTPs etc. over phone calls purporting to come from customer service, bank etc. Refuse to install any apps on smartphone / computer if asked to do so by an unknown person over the phone call or in person.
vii. Refer to website https://www.cyberswachhtakendra.gov.in for security best practices and free bot removal tools for computers and mobile devices.
To view the official notice, click the link below:
