
Petya ransomware follows WannaCry’s footsteps; here’s what the experts have to say

With Digital India and cashless transactions seeing an immense push, India especially needs to gear up against such attacks, many analysts believe.



WannaCry had barely settled, and the globe has been hit by another severe ransomware attack, believed to be the Petya virus. While Ukraine was the most affected by the malware, parts of Europe and Asia, including India, also bore the brunt of the attacks. Like any ransomware program, the virus creeps into a user’s system, encrypts the entire hard drive and denies the user access to the computer. After the encryption process is complete, the ransomware has a specialized routine that forcefully crashes the computer to trigger a reboot that renders the computer unusable until the $300 ransom is paid. And like the WannaCry program, only Windows machines appear to be at risk of a Petya attack.

How did Petya spread?


The Petya ransomware virus was noticed spreading earlier this week via a fake software update that was pushed out to businesses and other enterprises in Ukraine. The software concerned, called MEDoc, is a financial-monitoring application that all businesses in Ukraine must have installed. Though MEDoc cannot be blamed for the issue, someone apparently broke into its software-update servers to pull this off. The Russian antivirus firm Kaspersky Lab said that it had found the Petya malware hidden on a Ukrainian website, possibly in an attempt to infect visitors to the site via drive-by downloads.

The damage done by Petya

Until now, the Bitcoin address used by the Petya ransomware has received 42 transactions worth 3.75228155 BTC, equivalent to $9490.80, in less than 24 hours, which is more than Rs 600,000. However, the email ID used to communicate with the criminals has been suspended by the service provider, rendering all efforts to obtain the decryption key futile. That is why victims are being advised to desist from making any payments to the criminals.

Petya vs WannaCry

“WannaCry’s attackers failed because they couldn’t handle the amount of victims they created. But this Petya campaign, which is basically still in its first round, comes across as more professional and ready to cash in,” says F-Secure Security Advisor Sean Sullivan. Amateur hour is definitely over when it comes to launching global ransomware attacks.

However, very interestingly, while many draw comparisons between the WannaCry and Petya ransomware programs, Pradipto Chakrabarty, Regional Director of security firm CompTIA India, notes that there is a slight but important difference. Usually, in case of ransomware attacks, the demand is made from users and the email for communication is unique to each user. In this case, it is observed that there is a single email ID that had been provided to all the affected users for communication. This email ID was since suspended by the provider. This alludes to the fact that either the hackers were amateurs or more dangerously this attack is not a ransomware and was not unleashed with the intention of merely extracting money, but to destruct important data.

https://twitter.com/mikko/status/879703285321674752

However, the silver lining is that properly patched Windows systems that are not connected to enterprise networks, such as home computers, are at little risk of being infected by Petya. If you use a home computer to connect to a corporate VPN, however, you greatly increase the chances of your home network becoming infected.

Further, security firm Symantec shared its research, which claimed that the Petya virus was spread using the EternalBlue exploit. EternalBlue is an exploit generally believed to have been developed by the US National Security Agency (NSA). It was leaked by the Shadow Brokers hacker group on April 14, 2017, and was used as part of the worldwide WannaCry ransomware attack on May 12, 2017.

India and ransomware attacks

With the virus creeping from Europe to Asia, the attack shows how ransomware is turning into a regular risk of doing business. According to the 2017 Symantec Internet Security Threat Report, ransomware attacks grew 36 percent in 2016, and the average ransom per victim grew 266 percent in the year. Post WannaCry, banks and retailers have strengthened their defenses; however, many others are still catching up in guarding against ransomware. According to Kaspersky Lab analysts, on the very first day of the virus discovery, about 2,000 users had been attacked as of midday in North America, with organizations in Russia and the Ukraine the most affected.

Overall, India comes 7th in the list, with around 20 organizations hit. India came 7th globally, but it was the worst affected country in the Asia-Pacific region. Just yesterday, the attacks had also been reported to have hit India. The Jawaharlal Nehru Port Trust in Mumbai, which is also India’s biggest container port, had been unable to load or unload because of the attack. Because of the attacks, the Gateway Terminal India was unable to identify which shipment belonged to whom.

Why India needs to be especially wary of such attacks

Nevertheless, most analysts continue to point out the danger India is facing at this point, with our country constantly being a target of such ransomware attacks, especially with the ongoing Digital India initiative. “During the last attack, the government activated the ‘preparedness and response mechanism’, which turns to India learning two important lessons from this situation, one, to be always prepared: companies need to constantly stay up to date for plausible threats that could come their way. And two, to have the armour to face such threats: the IT space needs to have enough skilled labour to counter such acts efficiently. These lessons should be implemented effectively and maintained as a hygiene for all companies henceforth,” says Vishwajeet Singh, CIO and Vice President, Aptech Ltd India.

The Datacenter lead, Rakesh Kumar Singh, of Juniper Networks India agrees: “Regular patching of operating system is a must, not just on laptops/desktops but for all portable devices like mobile/tablets. Also it is a wakeup alert for all SMBs who avoided moving away from out-of-support operating systems. The main learning is that critical data should not be residing on user desktops. Cloud based solutions which ensures that the relevant data is made available to the user on demand but the storage of data itself is always on the cloud where it is easier to put security and anti-malware defenses.”

For that matter, Kaspersky Lab urged a major beefing up of the online defences of consumers and banks against hackers, now that government and financial firms in India have continued to promote cashless transactions for the last seven months. The demonetization led to an increased number of paperless transactions in the country, which also opened more opportunities for money-hungry attackers.

The results of Kaspersky Cybersecurity Index for the second half of 2016 revealed the top internet activity in India is online shopping. This is followed by emailing, watching movies, and using social media sites. About 96 percent of the respondents admitted to using the internet in purchasing goods online. And 84 percent of them used their devices in banking and in paying online through digital wallets. Kaspersky Lab’s data for 2016 also showed users from India are among the most attacked by banking malware, along with those from Russia, Germany, Japan, Vietnam, and the United States.

  • Published Date: June 29, 2017 5:43 PM IST


