May 2017. This is the month of an unprecedented global cyber assault. It has affected corporates, hospitals, doctors, banks, cops and individuals. In yester years, such attacks were carried out by computer savvy sick and devions minds or some angry youngsters who are frustrated. Currently, the availability of crypto currency such as Bitcoins which could be used to monetise such attacks anonymously has changed everything. Cyber crooks encrypt the data, and threaten that if they are not paid in specified time, you will have to say good bye to all your data.
In the last six weeks, a team name as Shadow Brokers penetrated systems of the US government to ferret out hacking tools used by the American Intelligence agencies. These tools are then floated on Internet for other hackers to exploit. Allegedly these hackers have Russian backing. The result of this is the misuse of the tools to make ransomware to infect computers and systems.
Microsoft Windows older versions such as Windows XP are not supported by the company by supplying patches. Some ATMs run on old versions of the OS.
Most hacks have two components–the exploit and the implant. When the system is broken into through a flow, it is called exploit. The implant means the hidden backdoor that is put to stay within the system. The outsider then remote controls the system.
The organisations have to update the system, create back ups, set up honey pots or sensors to trap malware. The application and OS providers must help the clients to protect their networks.
The ransomware introduced is called WannaCry. It has affected 150 countries across the globe. Russia and the UK are the worst affected. India too has reported a number of cases of computers being locked down.
The Computer Emergency Response Team (CERT–In) has issued advisories to organisations and individuals to protect themselves. It has advised not to pay the ransom as it will encourage attackers. It has advised to report the incident to CERT–In and law enforcement agencies.
According to an estimate of Europol, the latest attack has claimed at least 2 lac victims worldwide. The co-operation in cyber-crime on international level is through the Budapest Convention, whose membership is largely restricted to Western democracies. Russia and China are not the signatories. Any investigation of the recent ransomware attack will have to be done by the coalition of the willing.