HYDERABAD: A few hours after the world woke up to the WannaCry ransomware attack on Saturday, the Telangana state police put out the usual ‘no need to panic’ message.
T Krishna Prasad, additional director-general for technical computer services said the Telangana police website was working well enough, why worry?
Later in the day, S Jayaram, assistant commissioner of police in the cyber crime division of Cyberabad followed up with a wise advisory: “So far we have not received any complaints. Servers must be secured. Systems must be protected with licensed software. The public must refrain from using pirated software. People should be careful about the emails they receive and check before downloading any email attachment.”
However, Supreme Court lawyer and cyber law expert Pawan Duggal said the WannaCry ransomware attack was a clear case of the world caught napping. And India is in deep slumber. “These are only initial reports. Only 24 hours have passed. The actual damage could be far more considering that cyber security is lax in India,” Duggal said.
“India is a green field for cyber crime as ransomware does not come under the IT Act or under the Indian Penal Code. There is no national cyber security legislation that can elaborate the roles and responsibilities of stakeholders. As the threat has originated from beyond India, the investigations will end up at a dead end,” he added.
Bipin Chandra, the former president of Hyderabad Software Enterprises Association (HYSEA), said Indian IT companies are better placed to withstand a ransomware attack. “They have a heightened sense of security as a vast majority of them are B2B services firms. Their clients ask for a certain level of certification and regular audits. So security awareness is high,” he added.
Ransomware attacks are nothing new, he said. Organisations that don’t want to be vulnerable to attacks of the WannaCry kind should get their systems audited. System audit firms identify vulnerabilities and suggest hardware and software to plug the gaps.
Back in September 2016, Kerala’s government website was subjected to a ransomware attack. Again, in March this year, the Telangana Forest Department’s local network of 20 computers at its headquarters was found locked by unidentified hackers who locked the files using the RSA-4096 virus. The virus infected the computers after one officer inadvertently downloaded an image file and shared it in the local network. The hackers, suspected to be Russian, then demanded an undisclosed ransom amount to unlock the data.
However, the department failed to kill the ransomware as its encryption with a strong algorithm proved to be be a tough nut to crack.
As a member of the 25-member IT wing (Forest Management Information System, FMIS) of the department told New Indian Express then, “Being a government department, we could not think of paying the hackers a ransom. Besides, there was no guarantee that the hackers would restore the data after payment. The only option left was to forgo the data.”
After losing the battle to hackers, FMIS officials deleted the files in the affected computers and beefed up their IT security.
According to NIC, this was the first reported case of ransomware attack on a public system in the state.