The global ransomware attack that was of a scale unprecedented in the history of the Internet appears to have finally reached India. While the country. While the country initially faced minimal damage, the real test will be on Monday, as hundreds of thousands of professionals turn their computers on for the first time, after the ransomware attack was recorded over the weekend.
In case you have been missing out on everything that happened, we recommend you read this post first. The long and short is that on Friday, a ransomware crippled United Kingdom’s nationalized healthcare system, holding computers hostage by scrambling their data until their owners agreed to pay a particular amount of money in bitcoin. The ransomware is named Wanna Cry and it exploits an NSA loophole that was made public by the Shadow Brokers earlier in the year.
The attack managed to impact over 150 countries and by Saturday, the hackers had collected over $25,000. While its impact on India was minimal since it came at a time when the weekend had almost begun, however the AP police department, 2 South Indian banks, 2 Delhi based manufacturing companies, 2 Mumbai based corporate entities and a manufacturing unit of an MNC, were still among those affected. However, the real test is expected to come on Monday, when professionals start turning their computers on and commence engaging in communications with each other. Wanna Cry spreads over networks so if even one computer is affected, the rest on the network can also be compromised.
Meanwhile, private security firms as well as the government, has recognized the scale of the threat and issued guidelines for the same. The Indian Computer Emergency Response Team (CERT-In) has also issued guidelines to both the public as well as the private sector. Those warned include the National Informatics Centre (NIC) for all central and state government systems; Reserve Bank of India, National Payments Corporation of India and Unique Identification Authority of India.
Also, while the Department of Telecommunications have been asked to alert Internet service providers for security of the telecommunications network, the Data Security Council of India and Centre for Development of Advanced Computing have also been asked to alert the relevant stakeholders.
India is certainly a weak link. The country has the largest number of computers running on pirated software. What’s more, many of those systems that are running on original Windows, have not updated their systems to the security patch issued by Microsoft. Have you downloaded the patch, for example?
The Indian government is also said to be planning a technical webcast on Monday, details to which will be provided on MyGov and Social Media. In the meanwhile, download the security patch issued by Microsoft back in March and exercise extreme caution with stuff you receive over the Internet.
Speaking on the scale of the attack, European Union police agency Europol’s director Rob Wainwright said:
The global reach is unprecedented. The latest count is over 200,000 victims in more than 150 countries, and those victims, many of those will be businesses, including large corporations.
At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.