TRENDING ON ONEINDIA
- 2019 Lok Sabha — All You Need To Know
- Hero ISL To Resume From Jan 25th; Kerala Blasters To Face ATK
- Owning A Maruti Suzuki Is Now A Special Occasion — Here's How
- Asus ZenFone Max M2 — Detailed Review
- Why Cheat India — Movie Review
- 7 Best SBI Mutual Fund Schemes To Invest Through SIP
- Benefits Of Drinking Black Coffee
- Vikramshila — The Forgotten University In Bhagalpur, Bihar
2017 has been a year where we witnessed interesting and positive developments in the technological space. But at the same time, a lot of cyber attacks and breaches were also reported not only around the globe but significantly in India as well.
Several reports indicated that cyber attacks grew by a wide margin. According to a KPMG survey, 69 percent of the organizations in India said that ransomware was a significant risk to them while 43 percent revealed they had already experienced ransomware attacks.
As such nearly 40 incidents of ransomware attacks were reported to the Indian Computer Emergency Response Team (CENT-In). 34 incidents included WannaCry and Petya ransomware. WannaCry ransomware attacks had been first reported on 12 May 2017 and Petya on 27 June 2017.
For those unaware, CERT-In is an emergency response team set up under the Ministry of Electronics and Information Technology for dealing with a range of cyber-attacks. Other than this, the Authorities of India has four Sectoral Computer Emergency Response Teams to deal with Cyber Security Threats in Power Systems: Transmission, Thermal, Hydro, and Distribution.
However, along with the ransomware, CERT-In reported that they had received reports of more than 27,000 cybersecurity risk incidents within the first half of 2017 alone. These included a range of threats like phishing assaults, website intrusions and defacements or damages to data in addition to ransomware attacks.
This clearly goes to show that the number of cybersecurity incidents has been rising steadily in India. Besides, analysts have stated that India is among the top seven countries for ransomware circulation as cyber-attacks have increased this year globally.
In any case, here is a listing of cybersecurity attacks that affected India in 2017.
In one of the biggest cyber attacks in history, WannaCry Ransomware swept the world in May. However, in India, the top five cities impacted by the ransomware attack were Kolkata followed by Delhi, Bhubaneswar, Pune, and Mumbai, while the top five states with maximum detections of WannaCry virus were West Bengal, Maharashtra, Gujarat, Delhi NCR, and Odisha.
Almost 60 percent of the ransomware attack attempts by the malicious WannaCry virus was targeted at enterprises, while the rest were on individual customers. WannaCry infected computers running on older versions of Microsoft operating systems like XP. As for the impact of the attack, the ransomware locked user's devices and prevented them from accessing data and software until a certain ransom was paid to the criminals. In this case, cybercriminals demanded a fee of about $300 in crypto-currencies like Bitcoin for unlocking the device.
Talking about the affected areas, Police Department in Andhra Pradesh were disabled, West Bengal State Electricity Distribution Company Limited (WBSEDCL) were attacked, a government-run hospital in Odisha was targeted, in Gujrat over 120-odd computers connected with GSWAN (Gujarat State Wide Area Network) were affected, Maharashtra Police department was also partially hit.
Further computers in two panchayat offices in Wayanad and Pathanamthitta in Kerala too were disabled, and there were reported cases in states like Delhi and Tamil Nadu.
India was additionally on the top 10 listing of nations to be hit by Petya ransomware attacks, with the nation faring worst among other Asia Pacific (APAC) countries. Globally, India took number 7 spot with less than 20 organizations being affected as per Symantec's report.
When the attack took place, researchers pointed out that Petya was not really a ransomware like WannaCry but it was rather a wiper. What that means is that the aim of the malware was to delete all data, including data on the first sectors of the disk where the information about the operating system was usually stored. The idea of this attack was to cause massive destruction of data, not to make financial gains.
As such, the most reported incident of this attack in India was on the nation's largest container port, Jawaharlal Nehru Port (JNPT), near Mumbai along with local manufacturing units of global companies. At least one terminal operated by APM Maersk at the busy JNPT was under attack.
BSNL Malware Attack
The state-run telco's broadband network in Karnataka circle was greatly affected by a malware attack. The virus reportedly affected 60,000 modems with default "admin-admin" username/password combination. The malware infected modems could not be used to connect to the internet of the web. Following this, BSNL had issued an advisory notice to its broadband customers, urging them to change their default router username and passwords.
Indian restaurant search and discovery service provider Zomato in May reported that the company's database was breached which led to personal details of 7.7 million users being stolen. While this was a serious issue, the leaked information was also reportedly listed for sale on a Darknet market. Following the incident, Zomato contacted the hacker and took down the data. Details about the deal have not been disclosed.
Similarly, Reliance Jio the trending network service provider was also a victim of a data breach. Interestingly a website called magicapk.com went live after the attack and anyone could search for personal details of Jio customers on this website. The website was later taken down after it went viral.
Mirai Botnet Malware
Though this malware was first discovered in 2016, the threat from this still continues as the creators behind the malware had published the source code for Mirai in hacker forums as open-source. Since the source code was published, the techniques have been adopted in other malware projects.
Talking about the botnet malware, Mirai actually took over the web targeting home router users and other loT based devices. In total, the malware affected 2.5 million loT units across the globe. However, it's not clear how many systems have been affected in India.