Ransom In The Digital Age
Even criminals have gone digital now. The old habit of kidnapping people and sending ransom notes with words cut out of newspaper headlines is passé. These days, cyber criminals send you an email with a link. Click it and all hell breaks loose: your files (documents, spreadsheets, photos, etc.) get encrypted and locked.
You just won’t be able to open them unless you pay the ransom. Payment is demanded in Bitcoin cryptocurrency. After 72 hours, the $300 ransom doubles. After seven days, your files are permanently locked. The world got a taste of that when a nasty malware called WannaCry struck computers running older versions of the Windows operating system around the world (and left millions in tears). This malware attack was first reported on 12 May.
Since the attack began, more than 200,000 computers in 150 countries have been infected. Computers that run older versions of the Windows operating system, such as Windows XP, were hit first. Computers on which the security updates or patches had not been applied have also been affected.
Hackers find vulnerabilities in operating systems and try to exploit those vulnerabilities by tricking users into downloading malware or malicious code. Once the code is installed on the machine, it takes control and does whatever the hacker intended. In the case of ransomware, it encrypts and locks files.
To counter this, Microsoft regularly issues updates for its operating system but it is up to users to download those updates and security patches.
Microsoft stopped support for Windows XP, and hence no security patches have been released since April 2014 (with the exception of one emergency patch released in May 2014). However, the day after the outbreak, Microsoft released an emergency security patch for Windows XP.
So what has been the impact of WannaCry on Indian companies?
Sharda Tickoo, Technical Head, Trend Micro, said India is the “worst hit” in the APAC region. “This malware is different as it is trying to exploit legacy systems. In India, we still have many machines running on legacy operating systems like Windows XP and Windows (Server) 2003,” said Tickoo.
Nicolas Drogou, Head - Security Practice, Asia Pacific, Orange Business Services, told us what he observed in Singapore. “In Singapore, it didn’t affect many companies but government institutions were openly breached and attacked. In the ministry of defence, the credentials of servicemen were breached,” he said.
Experts say the best way to protect yourself from WannaCry is to take a multi-pronged approach: make backups, patch software, upgrade to the latest operating system and isolate infected systems.
It was widely speculated that ATM machines running on legacy operating systems would be the next target. In response, some Indian banks refrained from refilling their ATMs, inconveniencing millions of customers across the country.
Electronic payments and online transactions in India dipped following the outbreak of WannaCry. This impacted the e-commerce industry and services/utilities companies.
But other industries could be impacted too. The airline industry, for instance, notoriously holds on to legacy infrastructure. The most visible sign of this is the display information screens at airports, which run on Windows XP.
Some hospitals also use equipment with outdated software. If WannaCry strikes there, it could lock up files with electronic healthcare records. Lives are at stake here.
Samir Shah, CEO, Aurionpro, said, “In most hospitals, on average, 11 per cent have equipment that runs older versions of Windows. For them, patching end-points is not a regular routine, as you would see in, say, the banking industry.”
Imagine the chaos at airports, railway stations and hospitals if WannaCry strikes there.
Makes you “wanna cry”, no?