‘WannaCry’ computer bug hits India partially
India believed to be among hardest hit in ‘biggest ever’ ransomware assault
NEW DELHI: India was among several nations, including Russia and Britain, that have been affected by a rogue cyber attack that infected computers.
In India, a section of computers of Andhra Pradesh’s police departments were affected during the attack.
Computers in 18 police units in Chittoor, Krishna, Guntur, Visakhapatnam and Srikakulam districts were affected, news agency PTI reported.
The cyber attack spread panic across the world after infecting thousands of computers of hospitals, railways, police and private companies, forcing the seven powerful countries (G7) to firm up action against such malicious attempts.
Operations of global corporations such as Renault, FedEx, Telefonica and Portugal Telecom were hit.
In Britain, state-run National Health Service’s hospitals and clinics were hit by the computer bug, while computers of Russia’s biggest lender Sberbank were affected. Agency reports suggest a new variant of “WannaCry” ransomware hit large networks by exploiting a known bug in Microsoft’s Windows operating system.
Cyber extortionists forced victims into opening malicious attachments, infected the computers and then demanded $300 to $600 to restore the systems.
Some victims were asked to pay through the digital currency bitcoin.
Cyber security experts rushed to restore systems on Saturday after an unprecedented global wave of cyber attacks that struck targets ranging from Russia’s banks to British hospitals and a French carmaker’s factories and the effect of which was felt particularly hard in India, some said.
The hunt was on for the culprits behind the assault, which was being described as the biggest cyber ransom attack ever.
State agencies and major companies around the world were left reeling by the attacks which blocked access to files and demanded ransom money, forcing them to shut down their computer systems.
“The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits,” said Europol, Europe’s policing agency.
The attacks, which experts said affected dozens of countries, used a technique known as ransomware that locks users’ files unless they pay the attackers a designated sum in the virtual Bitcoin currency.
Mikko Hypponen, chief research officer at the Helsinki-based cyber security company F-Secure, told AFP that the attack was “the biggest ransomware outbreak in history”, saying that 130,000 systems in more than 100 countries had been affected.
He said that Russia and India were hit particularly hard, in large part because the older Windows XP operating software is still widely used in the countries.
However, India’s chief information security officer, Gulshan Rai, said there appeared to be no damage. The attacks apparently exploited a flaw exposed in documents leaked from the US National Security Agency (NSA).
The attacks hit a whole range of organisations and businesses worldwide.
French carmaker Renault was forced to stop production at sites in France and Slovenia, saying the measure was aimed at stopping the virus from spreading.
In the US, package delivery group FedEx acknowledged it had been hit by malware and said it was “implementing remediation steps as quickly as possible.”
Russia’s interior ministry said that some of its computers had been hit by a “virus attack” and that efforts were underway to destroy it.
The country’s central bank said the banking system was hit, and the railway system also reported attempted breaches.
The central bank’s IT attack monitoring centre “detected mass distribution of harmful software” but no “instances of compromise”, it said.
Russia’s largest bank Sberbank said its systems “detected in time attempts to penetrate bank infrastructure”.
Germany’s Deutsche Bahn computers were also impacted, with the rail operator reporting that station display panels were affected. Computer security group Kaspersky Labs said it was “trying to determine whether it is possible to decrypt data locked in the attack -- with the aim of developing a decryption tool as soon as possible.”
KILL SWITCH
On Saturday, a cyber security researcher told AFP he had accidentally discovered a “kill switch” that could prevent the spread of the ransomware.
The researcher said that the discovery was accidental, but that registering a domain name used by the malware stops it from spreading. Computers already affected will not be helped by the solution.