How does WannaCry affect India?

Oct 24, 2017 by infocon in  cyber security Security

In emerging economies like India, where the government is undertaking large-scale digital initiatives and schemes, security has become a major concern. Cyber experts believe that the damage done by WannaCry ransomware is an issue of under-reported magnitude.

The use of pirated and outdated software is rampant among Indian users as well as mid-size and small IT organizations. Fearing licensing issues, a huge number of those affected will not report their losses, concludes expert opinion on the latest cyber attack.

According to the Centre’s instruction to CERT-In (Computer Emergency Response Team), “all the information of reported ransomware” has been collected into a report. Many of the cases across the country were isolated, but the wave of attacks shows that the impact on India is certainly a cautionary alarm.

The report states these places as worst hit by WannaCry:

1. 10% of Vadodara’s total computers in the District Administration Collectorate Office.

2. Computers in Panchayat offices of Wayanad and Pathanamthitta districts in Kerala.

3. 120 computers connected with Gujarat State Wide Area Network in Gujarat.

4. 18 systems of Andhra Pradesh Police Department.

5. Systems in the Tirumala Tirupati Devasthanams (TTD) Shrine in Andhra Pradesh.

6. Computers of the Personnel Department of the Southern Railways’ Palakkad Division.

7. Computers in several locations of the Police Department of Maharashtra.

8. Many attacks happened in computers across Kerala and Tamil Nadu.

Why ‘WannaCry’ must be a lesson for all

Oct 24, 2017

May 12, 2017 is one of the most dreadful days of the year for cyber experts and stakeholders. About 150 countries across the globe suffered a cyber-attack, affecting 200,000 computers.

It was the infamous “WannaCry” ransomware, in which hackers locked people out of their computers, demanding a ransom of $300 in bitcoins. Medical care became inaccessible and factories were shut down for more than 2 days to minimize loss of confidential data and further damage.

Here is a brief on one of the most dangerous ransomware attacks in the Cyber-verse:

What is “WannaCry”?

“WannaCry” appears to have utilized a flaw in Microsoft’s software, discovered by the National Security Agency, which was quickly leaked by hackers. The malicious code, which relied on the victims opening a zip file emailed to them, spread rapidly across networks, locking away files one by one. From then on, the programme used Microsoft’s flaw to thrive.

In March 2017, Microsoft had released a security update which addressed the vulnerability in the sixteen-year-old Windows XP operating system. This update was exploited by the hackers to trigger the massive ransomware attack.

Who got affected?

Several computer networks worldwide were affected, including Telefonica as well as other major organizations in Spain. The British National Health Service (NHS), too, was forced to cancel scheduled patient appointments.

FedEx, Deutsche Bahn, the Russian Interior Ministry and Russian telecom MegaFon were prevented from operating normally. According to Quartz, the three bitcoin wallets used in the attack received just under 300 payments totalling 48.8635565 bitcoins, which is the equivalent of about $101,000.

What is a ransomware attack?

The term ‘ransomware’ appeared in 2005 in the US with the first notable threats to security. While cyber experts date it to 2005, the history of ransomware goes back to 1989.

PC CYBORG advisory from 1989. Screenshot via Security Focus

According to Becker’s Hospital Review, the earliest ransomware attack occurred in 1989, targeting the healthcare industry. Twenty-eight years later, the healthcare industry still remains a top target for such attacks.

Ransomware is a cyber-attack wherein hackers gain control over a computer system and block access to it until the demanded ransom is paid. Hackers get control of systems by downloading a type of malicious software onto a device within the network. This is usually done by getting a victim to click on a download link by mistake. The link is normally attached to an email and, once opened, encrypts the hard drive. Once the software gets into the victim’s computer, it enables the hackers to launch an attack that locks all files it can find within that network.

The recent ‘WannaCry’, also known as Wanna Decryptor, is a ransomware programme that locks all the available data in the system, leaving the user with only instructions on what to do next and the Wanna Decryptor programme itself.

When the software is opened, it tells the users that the files on their computer have been encrypted. It then gives them a few days to pay up, warning that their files will otherwise be deleted. It generally gives them instructions to pay in Bitcoin, providing the Bitcoin address to send the payment to.

What is the way out?

Larger organizations should ideally follow the guidelines provided by the institutions concerned:

  • Apply the latest Microsoft security patches for this particular flaw.
  • Ensure all outgoing and incoming emails are scanned for malicious attachments.
  • Ensure anti-virus programmes are up to date and conducting regular scans.
  • Backup all key data and information.
  • Organize education programmes on malware so employees can identify scams, malicious links or emails that may contain hazardous viruses.
  • Run “penetration tests” against your network’s security at least once a year.

Many experts even suggested restoring all files from a backup. If that isn’t possible, there are tools that can decrypt and recover some information.

India witnesses one cyber crime per 10 minutes: 2017

Oct 17, 2017

With an increasing number of people in India going online every year, the risk of cybercrime looms. The rise of smaller organizations with little or no protection of data also leads to the largest number of security breaches.

In the first six months of 2017, India saw one incident of cybercrime per 10 minutes. These range from ransomware attacks to minor phishing rackets. The Indian Computer Emergency Response Team reported 27,482 cases between January and June.

Phishing, scanning, probing, viruses, defacements, site intrusions and denial-of-service were the most reported incidents. Ransomware attacks are gaining pace in India.

1.71 lakh crimes have been reported in the last 3.5 years.

The RBI has also issued warnings about bitcoins, the preferred mode of payment for attackers.

Here is a list of the most remembered security breaches in India last year:

  • Mirai botnet malware: A botnet malware named Mirai took over the Internet, targeting home router users and other IoT-based devices. The malware affected 2.5 million IoT devices; it’s not clear how many systems were affected in India. CERT-In had also issued an advisory regarding the attack back in October 2016.

  • WannaCry: Ransomware WannaCry swept the world in May. CERT-In immediately put out an advisory notice. A few instances of the ransomware were reported to have hit banks in India, and some businesses in Tamil Nadu and Gujarat as well, during the first wave of the attack. RailWire users were also among those most affected by the ransomware.

  • Petya: India was also on the top 10 list of countries to be hit by Petya ransomware attacks, with the country faring worst among Asia Pacific (APAC) countries, cyber security firm Symantec said in a blog post last month. Globally, India took the 7th spot, with fewer than 20 organisations being affected as per Symantec’s analysis.

India at 23rd position in the list of information secured countries

Oct 17, 2017

The second Global Cyber Security Index (GCI), released by the UN telecommunications agency, the International Telecommunication Union (ITU), places India at 23rd position in the list of information secured countries. The rank is among 165 other nations across the world who have committed to cyber security.

The report reveals that only about half of all countries already have a cyber security strategy or are in the process of developing one. It urges countries to engage in cyber security education initiatives and job creation in the sector.

Singapore tops the index with a 0.925 score.

Other countries in the top 10 are United States, Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France and Canada.

The report says that 38 per cent of these countries have a published cyber security strategy while 12 per cent of governments are in the process of developing one.

The threat is dangerously worrying because in 2016, according to ITU, about one per cent of all emails sent were malicious attacks. That rate is the highest in recent years.

The findings show that there is “space for further improvement in cooperation” at all levels. It further advocates for encouraging governments to consider national policies that take into account cyber security and encourage private citizens to make smart decisions online.

Five point strategy of ITU to develop efficient information security systems

The Indian government has taken a few steps to bring the attacks under control. Under PM Narendra Modi’s tenure, the Central government established the office of Chief Information Officer of the Cyber Security Cell under the PM’s office. Dr Gulshan Rai is the first to hold the post.

CERT-In, an emergency response team, is set up under the Ministry of Electronics and Information Technology for dealing with a range of cyber-attacks.

Apart from this, the Government of India has four Sectoral Computer Emergency Response Teams to address Cyber Security Threats in Power Systems: Transmission, Thermal, Hydro and Distribution.

All four utilities have been asked to identify a nodal senior executive as their Chief Information Security Officer (CISO) to lead the process of strengthening organizational systems with respect to cyber security and to implement an information security management system as recommended by rules under the Information Technology (IT) Act 2008.
