Ransomware chronicles: WannaCry and its tryst with India

Touted to be the largest ransomware attack in history, WannaCry has already crippled several. How is India faring?

On Friday, when a ransomware named Wanna Decrypter struck the U.K.’s National Health Service, little did the world anticipate that this would turn out to be the biggest cyber-attack in history and would cripple more than 200,000 machines all around the world.

Interestingly, the attackers have simply adapted an existing version of this worm, which was leaked by a group called Shadow Brokers in March and again in April. The worm, WannaDecrypter, better known as WannaCry, is rumoured to have been used by the US National Security Agency and is not complex or sophisticated in itself. However, the latest version has one advantage: it infects other computers using an existing vulnerability in Windows’ SMB protocol.

India has a long history of concealing cyber-attacks of any kind for fear of “ruined reputations.” Case in point: the debit card breach that shook the Indian banking system in October 2016. Although analysts and several companies have said that India was badly affected by WannaCry, the Computer Emergency Response Team (CERT) maintains that the country is not as affected as Europe and Russia. CERT claimed that very few incidents had been reported as of Monday.

Here’s a rough sketch of how things unfolded in India after WannaCry was unleashed on the World Wide Web.

1. On Saturday, in a blog post, security company QuickHeal claimed that out of the 3,000-odd attacks detected by the company, almost 2,500 were from India. It later said that more than 48,000 systems were infected.

2. While 60 percent of these attacks in India are targeted at enterprises, the rest are targeted at individuals, claimed QuickHeal.

3. More than 100 computers across 18 police stations of the Andhra Pradesh police were hacked on Saturday, but the impact was minimal because their FIRs and other data are stored offline.

4. Computers in the panchayat offices of Kerala’s Wayanad and Pathanamthitta districts had to be disabled on Monday due to the cyberattack.

5. The ransomware also infected four offices of the West Bengal Electricity Distribution Company on the same day, bringing their billing centers and all other activities to a standstill.

6. Monday also saw 120 computers on the Gujarat government’s WAN infected, albeit without the loss of any valuable data, claimed a government official.

7. Today, 23 computers of the Southern Railway Divisional Office in Kerala’s Palakkad district were disabled after being attacked by WannaCry. However, none of the services were affected.

8. Although 80 percent of Indian ATMs run on outdated Windows XP, cybersecurity experts claim that they might escape this attack because they run on firmware with the bare minimum of functions.

9. On May 17, the famous temple Tirumala Tirupati Devasthanams (TTD) announced that its computer systems had been compromised by WannaCry, with about 10 administrative computers affected.

This story will be updated as and when new information is available. 
