There has been a lot of talk online about the recent ransomware attack that has taken the world by storm. For the general public this is news, but to many in the security industry it was just a matter of time. The story of the WanaCrypt ransomware fiasco began in January 2017, when a group that calls itself “The Shadow Brokers” leaked tools it claimed were stolen from the NSA. These tools included zero-day exploits for Windows.
We in Belagavi have been seeing ransomware infections as far back as October 2016. Some companies have lost data and have taken 6-8 months to recover and get their business back on track. The threat is real. There are some companies in our own city affected by this problem. Had these companies followed cyber security best practices and had adequate fallback measures, the risk of data loss could have been mitigated.
It was only a matter of time until cyber criminals used the exploit to gain unauthorized access to pirated/non-updated Windows computers and thereby install ransomware on them. This has resulted in companies losing access to their own files and, in some cases, a complete halt of organizational workflow.
We in the Indian cyberspace are also not immune to these attacks. It has affected the Andhra State Police and the Mumbai Police to some extent. The fact that many users in India use pirated Windows operating systems only makes it worse. The actual effects will take time to surface, though, since most corporations will not release this information publicly.
Simply put, ransomware makes use of the vulnerabilities in Windows operating systems, enters your computer, and could practically lock (encrypt) all your files away, and the perpetrators, in most cases, demand hefty sums of money for your files. Recovering from a ransomware attack can be almost impossible unless the ransom is paid.
This is a real threat in an interconnected world, and oftentimes business rivals and competitors could use such means to gain an unfair advantage.
Measures for Safeguarding:
- Update Windows regularly.
- Install antivirus and security suites and keep them updated.
- Sanitise USB devices before plugging them into critical systems.
- If you have a network with more than one user, get a firewall system which would filter out such malicious traffic even before it hits your network.
About the Authors:
Hitesh Dharamdasani is a computer security expert and the founder of Informant Networks, a cyber/computer security company based out of Belgaum. He completed his Master's degree in Computer Security in the USA and worked in Silicon Valley for a couple of years before coming back to his hometown.
Anirudh Managoli is a Software Engineer with 6+ years of IT experience in Software Development and Administration.