HOME
NEWS

Global Cyber Attack


By VARINDIA - 2017-07-14
Global Cyber Attack

Overview and impact in India:

 

It is alarming yet not a surprise to see another mass scale ransomware attack just weeks after the havoc created by the Wannacry ransomware. To start with, the genesis of both these attacks appear similar. Both of them uses the Microsoft vulnerability called EternalBlue for which Microsoft had issued a patch. In both cases, they attacked institutional computer networks, which we unsecured – the NHS in UK and now the Ukrainian Government. However, there is a slight but important difference. Usually in case of ransomware attacks, the demand is made from users and the email for communication is unique to each user. In this case it is observed that there is a single email ID that had been provided to all the affected users for communication. This email ID was since suspended by provider. This alludes to the fact that either the hackers were amateurs or more dangerously this attack is not a ransomware and was not unleashed with the intention of merely extracting money, but to destruct important data.

 

These new mutations of malware are increasingly getting more and more capable and complex in terms of the speed and reach. We are observing that the malwares are spreading automatically across interconnected networks more freely and with minimal or no human intervention. This, also is different from ransomware of earlier versions, which we more topical and pointed – say an individual hospital system. The free lowing nature of the current ransomware is particularly scary since we have limited control or predictive mechanism to guess which networks will be affected next.

 

As of now, the effects in India has been observed at the Jawaharlal Nehru Port Trust. This can be explained as one of the largest private enterprises to get effected is Maersk, the leading shipping and container corporation whose systems in all likely hood is interconnected with the networks of the JNPT. Having said that it is impossible to predict the next network where the “worm” will sneak in. Also, the Petya ransomware is more fluid than Wannacry as the latter was linear and had one way to move from network to network. Petya has the capability to evaluate multiple options and can use another option of attacking if one fails. It is indeed quite petrifying to imagine a situation is it infects the national service such as the Defense, Police, Financial Institutions and UIDAI.

 

Sectors that are vulnerable and Does it need to be done at individual or govt level

 

Considering this, it is clear that prevention is the best form of attack. It should be the responsibility of all computer and internet users – institutional as well as individuals to be aware of the threat and also be prepared for a future attack. Through CERT-IN (Computer Emergency Response Team of India) the Government must issue a “what to do” advisory on prevention tactics to enterprises and individuals. We observe that most of ransomware attacks use “end users” as entry point. The end user might be an individual or a user in an institutional environment. In most cases there is nothing that user can do as these types of ransomware are typically executed through "drive-by downloads" in which legitimate website and browsers are infected. Some of the key action points that can be followed are through basic IT housekeeping such as keeping antivirus software updated and having URL CHECKERS. Also it is recommended that individuals keep only those plug-in's and add-on's that are absolutely necessary and used regularly.

 

Finally, it is high time that system administrators within enterprises and government agencies should have updated defensive security skills. Institutions and governments need strong cyber security and cyber-defense strategies. Cyber-defense capabilities, particularly, is an important mandate as hacking becomes extremely easy and pervasive and IT administrators should know how to “defend” their systems.

 

Pradipto Chakrabarty
Regional Director, CompTIA India

 

Tags: Global Cyber Attack, Wannacry ransomware, Jawaharlal Nehru Port Trust, UIDAI, Pradipto Chakrabarty CompTIA India

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA