A day after a massive ransomeware attack hit nearly 100 countries, including India, terrifying details were slowly emerging on Saturday as computers from hospitals in Britain to police stations in Andhra Pradesh were hacked, keeping security experts In tenterhooks.
In India, a section of computers in the police departments of Andhra Pradesh were hacked. Computers in 18 police units in the districts of Chittoor, Krishna, Guntur, Visakhapatnam and Srikakulam were affected.
According to the Director General of the Police N. Sambasiva Rao, the systems that use the Windows operating system were hit by the cyber attack. The police chief's computer with the Apple iOS operating system was secure.
R. Jaya Lakshmi, Tirupati Urban Police Superintendent, said the encrypted data of 'ransomware' at some police stations, adding that they were not able to access the data and hackers were demanding ransom in bitcoin digital currency to restore the access.
"The impact is minimal since we also maintain an offline log of FIRs and other documents," Lakshmi added.
Government agencies and companies affected globally included Britain's National Health Service (NHS), the Russian Interior Ministry, Spanish communications giant Telefonica, power company Iberdrola, utility provider Gas Natural and FedEx in the United States.
According to media reports, the teams were working around the clock in response to the attack, resulting in cancellation of operations, diversion of ambulances and lack of documents such as patient records in England and Scotland.
After denying reports that their computers had been targeted, the Russian Interior Ministry later confirmed that "around 1,000 computers were infected." The ministry said the technicians had restrained the attack.
Kaspersky Lab, based in Moscow, found that variants of a malware called "WannaCry" that encrypted the files were used.
"Once inside the system, attackers install a rootkit, which allows them to download the software to encrypt the data." Malware encrypts the files. "A $ 600 application in Bitcoin is shown along with the portfolio - and the demand for rescue increases Over time, "Altaf Halde, Director of Kaspersky Lab (South Asia), told IANS.
Kaspersky Lab confirmed that the company's protection subsystems detected at least 45,000 attempts at infection in 74 countries, mainly in Russia.
"This is big and growing. We have not seen any of this since Conficker in 2008," Amit Nath, Asia-Pacific Chief of Corporate Business at cyber security firm F-Secure Corporation, told IANS.
Another cyber security firm Avast said it had seen 75,000 cases of ransomware around the world.
Europol also warned that a "complex international investigation" was required to identify the culprits. "
Rail passengers in Germany were confronted with the rescue message as they sought information from train stations after Berlin-based railway company Deutsche Bahn was targeted.
Carmaker Renault was the first company in France to be affected by ransomware, while Portugal Telecom and a local authority in Sweden also faced a similar fate.
Ransomware infects victims by exploiting a Microsoft Windows vulnerability described and corrected in "Microsoft Security Bulletin MS17-010".
Microsoft also said it would implement the update for users of older "no longer supported" operating systems, such as Windows XP, Windows 8 and Windows Server 2003.
The seeds of the massive cyberattack were planted by a mysterious group of hackers "Shadow Brokers" in April when it leaked a hacking tool called "Eternal Blue", developed by the US National Security Agency (NSA) ).
Interestingly, the same tool is believed to have been used by another anonymous hacking group to gain remote access to computers, which brought parts of the NHS to a standstill.
"It's likely that regular online criminals simply use the information the 'Shadow Brokers' put on the Internet and think 'how can we monetize this,'" said Graham Cluley, a computer security expert.
The attack was the latest of the growing threat of ransomware in which hackers deliver files to computers that automatically encrypt their data, making it unusable until a ransom is paid.
"This is not aimed at the NHS," British PM Theresa May told the BBC. "It is an international attack, and several countries and organizations have been affected."
The group or groups of hackers had not yet claimed responsibility for the attack.
Chinese online security company Qihoo 360 issued a warning about the virus, saying that many networks there had been hit and that some computers used to mine Bitcoin in China were among those infected.
The US Department of Homeland Security, in a statement, encouraged people to upgrade their operating systems, CNN reported.
"We are actively sharing information related to this event and are ready to provide technical support and assistance as needed to our partners, both in the United States and internationally," the department said.
Meanwhile, the Group of Seven (G7) countries, which held a two-day meeting (12-13 May) of finance ministers and central banks in Italy, launched a draft declaration committing themselves to join forces to Combat the growing threat of cyber attacks.
Tags: Cyber Security,Ransomware,Cyber attack,100 Countries,India
0 comments:
Post a Comment