The unprecedented cyber attack from Friday night that has hit at least 150 countries, including India, is likely to escalate from Monday even as security experts round the world scramble to clean up and defend their systems. The virus dubbed ‘WannaCry’ spread rapidly through a networked world, locking up users’ files and encrypting their data, demanding ransom of 300 dollars in the virtual currency ‘Bitcoin’. An onscreen message threatens that if payment is not made within 3 days, the price would be doubled, and if none is received within 7 days, the files will be deleted. It is estimated that tens of thousands of dollars have already been paid as ransom. Governments have, however, warned there is no guarantee the hackers will release the data ‘held hostage’ — rather, the risk is that they will get further access to bank details of users paying ransom. Airports, rail stations, banks, factories, hospitals, public utilities, corporate bodies, educational institutions — all have been affected by this ‘ransomware’ virus around the world. India too has been hit hard, with some initial reports saying that around 5 percent of all computers affected belong to our country. According to cyber experts, Indian public and private entities largely use Microsoft’s Windows XP operating system, considered to be most vulnerable to this ransomware. In particular, most ATMs in India are based on Windows XP, as shown in a report last year by Russian anti-virus company Kaspersky. Reportedly, over a hundred systems in India have already been breached, including the IT cell of Andhra Pradesh police. This has prompted the Indian Computer Emergency Response Team (CERT-In) to issue an advisory on what precautions to take and to update security for computers and servers. Clearly, government agencies in the country will have their tasks cut out in the coming days to find out and plug the gaps in their systems.
It would cost hundreds of millions of dollars to clean up infected networks worldwide, experts warn. However, this is but the latest instance of hackers using cryptographic file-locking software to demand ransom. Last year, the total ransom paid and cleanup costs may have reached a whopping $1 billion, as per an estimate by the cyber-security company Herjavec Group. It said cyber-criminals are increasingly taking to ransomware attacks because of the rise of Bitcoin and other crypto currencies, which make it possible for them to demand, receive and transfer payment anonymously. But last Friday’s ransomware attack was different in the sense that the US National Security Agency is now being blamed for it. Preliminary reports suggest that the ‘WannaCry’ virus exploits a weakness in the Microsoft Windows software, which was first identified by the US NSA. Later, US NSA experts are believed to have developed a code to exploit the Microsoft gap and stored it in a repository. In turn, this code, known as ‘Eternal Blue’, was stolen by a group of hackers and released online, which Friday’s attackers are said to have used to create their virus. The suspicion is that US security agencies like NSA and CIA routinely search out gaps in cyber security and develop software codes to breach these systems for spying and other offensive purposes. It is ironical that in the present case, cyber criminals broke into the US NSA repository to steal such codes which other criminals are using. Edward Snowden, the former NSA contractor who is on Washington’s ‘most wanted’ list, has now blamed the US administration for failing to warn Microsoft (a US company) of the flaw in its system, which has ‘allowed low-skill criminals to launch government-scale attacks’.
While a vast agency like the US NSA is suspected to have failed in its duty, a British cyber security expert rose to the occasion to single-handedly slow down the destructive spread of ‘WannaCry’. Calling himself ‘MalwareTech’, this anonymous expert, while trying to track the spread of the virus, discovered a ‘kill switch’ to halt it. However, he has warned that the attackers will now remove this ‘kill switch’, restore their virus’ ability to self-replicate and make it unstoppable — unless users around the world scramble to ‘patch up’ their systems. Meanwhile, an embarrassed Microsoft Corporation has released a free ‘software patch’ to help users plug the gap in its security, along with patches for its older, unsupported Windows systems like the XP. An international investigation has begun to track down and identify the hackers who let loose the ‘WannaCry’ virus. But it remains to be seen how India, which has hitherto accorded low priority to cyber security despite aiming to go fully digital, now faces up to this escalating ransomware threat.