NEW DELHI/BENGALURU: Cybersecurity professionals worked round the clock over the weekend, trying o protect corporate clients against what experts are calling the biggest ransomware attack ever, before they open for business Monday morning.
Cyber security firms told ET that though the impact on India from the Wanna-Cry onslaught has been relatively minimal so far, the real test will be on Monday when scores of professionals switch on their work systems.
A malicious piece of software that blocks access to computers until money is paid, ransomware WannaCry is said to have swamped machines in over 150 countries, including India. The hackers, who go by the name Shadow Brokers, are demanding $300 in virtual currency Bitcoin to unblock access to a user’s files and had reportedly received over $25,000 till Saturday morning.
India is among the most vulnerable because a large number of organisations and individuals still rely on older, outdated versions of the Windows operating system. The country also has the highest number of pirated software users.
So far, those impacted include systems of the Andhra Pradesh Police, four manufacturing companies, two retailers, the India operations of a multinational, two banks and the Chennai facility of an automaker, according to reports.
Burgess Cooper, partner, cyber security, at audit and consultancy firm EY, told ET the real impact in India had not been felt yet. First intimations of the attack came in the UK at about afternoon local time on Friday, by when the weekend had begun in India. “On Monday morning you could see more activity when people come into work,” he said.
Sivarama Krishnan, executive director at PwC, said his team had been working through the weekend alerting and assisting more than 2,000 clients in helping identify and block threats using firewalls. The root is said to be a vulnerability in Microsoft Windows that was exploited by the hackers.
Microsoft did release a patch to fix the issue in mid-March, so organisations and individuals who did not update their systems are at risk.
Cooper said the worst hit are organisations that don’t have security “hygiene” in place. “Manufacturing units, healthcare or pharma, energy and utility companies systems designed earlier not to connect to the Internet but are now connected will be highly impacted,” he said. Equally vulnerable will be government establishments, he added.
Krishna said that while financial institutions, telcos and large corporates that have stringent security practices will be safe, their branch networks in far flung areas or small and medium businesses may be hit. “There is impact in India and it is not just a handful of organisations, it is much more than that,” said Shree Parthasarathy, partner, Deloitte.
He said this was a wakeup call for organisations not investing enough in security since attacks will get more severe in the future. Experts did not divulge names of the organisations that have been hit.
“Russia and India were hit particularly hard, largely because Microsoft’s Windows XP, one of the operating systems most at risk, is still widely used in the countries.” Ankush Johar, director at Human-Firewall.io, a phishing protection company, added that India will be among the top three worst-hit countries. “Phishing is at the heart of this ransomware attack. Humans are the weakest link in cyber security, and this ransomware attack proves that yet again,” he said.
The global ransomware attack has reportedly hit the UK’s National Health Service (NHS), Spanish telecom company Telefonica and government departments in Russia, Turkey, Germany, Vietnam, Spain and the Philippines. Trishneet Arora, CEO, TAC Security, said manufacturing companies in Mumbai, Gujarat and even jewellery manufacturing companies have reached out to him to safeguard their systems.
Source- GADGETS NOW