NEW DELHI: India was among the 99 countries affected by a global cyber attack that took down, among others, health services in the UK, a telecom network in Spain and government computer systems in Russia this weekend.
As many as 102 computer systems of Andhra Pradesh police were hacked on Saturday. The malware reportedly halted production at a Nissan-Renault Alliance plant on the outskirts
of Chennai, but the company did not comment on the issue.
National Cyber Security Adviser in the Prime Minister’s Office Gulshan Rai told TOI: “About 100 systems were attacked but as of now there are no more threats.”
The international cyber attack was carried out using a malware called Wanna Decryptor or WannaCry. This is a “ransomware“, a digital extortion system that locks down systems by encrypting the data on it, only to decrypt and release it back for a ransom amount. What was more worrying about the global cyber attack was the fact that the outdated Windows XP version that turned out to be the weak link, crippling information systems around the world, is used by 70% of Indian ATMs.
Their complete control rests with vendors who provide banks with these systems. Microsoft stopped providing support -security patches and other tools -for Windows XP in 2014. However, on Saturday, Microsoft said it had released updates for older systems. “Given the potential impact to customers and their businesses, we have also released updates for Windows XP, Windows 8, and Windows Server 2003,“ a Microsoft spokesperson said.
Michael Gillespie, who runs ID Ransomware, a free website that helps victims of ransomware identify malware and work around encrypted data, said he got an unusually high number of submissions from India since Friday which he diagnosed as WannaCry .“I’ve received about 24 submissions since yesterday that were identified as WannaCryptor and came from IPs based in India. I’d say that’s pretty low compared to other countries, but pretty high for submissions from India,“ he told TOI over email, pointing out that his stats only cover those who upload to the website and are not indicative of the total number of victims.
Banking exams 2018 preparation booster!GradeUp Your all in one ticket to travel in SwitzerlandSwitzerland Tourism Recommended By Colombia Ranchi-based NGO Cyber Peace Foundation (CPF), which is running a research project monitoring cyber attacks, saw nearly a 56-fold increase in breach attempts at sensors installed across eight states in the country.
These sensors called “honey pots“ lure cyberattackers so that they can be monitored and studied. CPF founder director Vineet Kumar said that there was a 56-fold increase in the number of attacks over honeypots installed in Gujarat, Andhra Pradesh, Maharashtra, UP, Jharkhand and Rajasthan.
Attacks and “cyber-recces“ of sorts point to the scale of the problem in India. According to data accessed from CERT-In, in the past 12-14 months, nearly 11,000 networks in India have been victims of probing scanning by hackers or cyber criminals.
Scanning and probing is the first step used by hackers to test the waters, and is generally followed by insertion of malware or ransomware.“Network probing is people looking for vulnerabilities in systems which will eventually be breached. Amateurs don’t do it, these are professionals.
]Also, malware propagation and web intrusion are indicators of hired tools if not services,“ said cyber expert Mirza Faizan Asad. CAAS and ransomware on the rise Cyber crime-as-a-service (CAAS) refers to organised crime rings offering services such as on-demand distributed denial of-service attacks and bulletproof hosting to support malware attacks, among other things. Although there is no professional study conducted in India, according to a CIO Insight 2016 report here has been 33% spike in CAAS, and “exploit kits“ globally.
Cybercriminals employing ransomware or crypto-ransomware -a sophisticated software that incorporates advanced encryption algorithms to block system files -are increasingly attacking Indian entities. January saw at least four attacks into the system of a Bengaluru IT firm, while over a dozen were attacked in the last quarter of 2016. Multiple cases have been seen in Delhi. Software security group Kaspersky Lab says India is among the top five nations affected by ransomware attacks.