Ransomware attacks spread to Indian computers, Government

ransomware attacks in India
After infecting over two lakh computers and crippling life in 150 countries, the global ransomware attack continued for the third day on Monday, with more reports of hacking pouring in from India, China and Japan as offices re-opened after a tumultuous weekend.

In Kerala, the computers of two village panchayats were hit, with messages demanding $300 in virtual currency to unlock the files.

Officials who opened the computer at the Thariyode panchayat office in the hilly district of Wayanad found that four of their computers had been hacked.

Likewise, another village panchayat at Aruvapulam near Konni in Pathanamthitta district got a similar virus message when their computer was switched on. IT experts were working on these systems.

In West Bengal’s West Midnapore district, at least eight computers of the state-run electricity distributor were affected. Experts were ascertaining whether it was the same malware virus behind the world’s biggest ransomware attack.

Some media reports claimed that the Ministry of Home Affairs (MHA) has ordered some ATMs to remain shut as a preventive measure.

When contacted, a Home Ministry spokesperson told IANS: “I am not aware about any such order issued by the Home Ministry. If the Finance Ministry did so, I don’t know.”

The government has already activated a “preparedness and response mechanism” to prevent any major cyber attack.
ransomware attacks and trends
According to the Ministry of Electronics and Information Technology (MeitY), it has activated a “preparedness and response mechanism” by instructing CERT-IN (Computer Emergency Response Team) to gather “all the information of the reported ransomware”.

“MeitY has initiated contact with relevant stakeholders in public and private sector to ‘patch’ their systems as prescribed in the advisory issued by CERT-IN. MeitY has also requested Microsoft India to inform all their partners and customers to apply relevant patches,” the ministry said in a statement.

The Reserve Bank of India (RBI) had on Sunday issued an advisory, asking banks to put in place a software update at ATMs to prevent their systems being hacked.
Ransomware top 10
In Japan, nearly 600 companies, including electronics major Hitachi and automaker Nissan, were reportedly affected by the global ransomware attack, officials confirmed on Monday.

In China, more than 29,000 institutions were infected with reports suggesting that around 30,000 institutions had been infected along with hundreds of thousands of devices, Xinhua reported.

The ransomware has paralysed the online payment systems at some petrol stations across China since Friday, and also invaded some colleges encrypting papers and other documents.

At least one Australian business has been affected by the global “WannaCry” ransomware attack, the nation’s Cyber Security Minister confirmed.

The vulnerability in the Microsoft Windows software — exploited by “WannaCrypt” — crippled computers across the world, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

After taking computers over, the virus displayed messages demanding a payment of $300 in virtual currency Bitcoin to unlock files and return them to the user.

Europol has been analysing the virus and was yet to identify the hacking group behind the massive attacks.

The virus exploits a vulnerability in Microsoft Windows software, first identified by the US National Security Agency (NSA).

In the US, Microsoft President and Chief Legal Officer Brad Smith said in a blog post that the cyber attack should be treated by governments as a “wake-up call”.

“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the US military intelligence organisation National Security Agency (NSA) has affected customers around the world,” Smith wrote in the blog.

“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen,” he added.

On Saturday, a section of computers at Andhra Pradesh’s police departments were hacked. Computers in 18 police units in Chittoor, Krishna, Guntur, Visakhatpatnam and Srikakulam districts were affected.

The attack was the latest in the growing menace of ransomware in which hackers deliver files to computers that automatically encrypt their data, making it unusable until a ransom is paid.

The investigators were still trying to identify the hackers who initiated this.

Note: Chart is from Microsoft