India is the worst hit nation in the Asia pacific region by “Petya Ransomware”, with operations wedged at Jawaharlal Nehru Port Trust in Mumbai.
Why in the news? (Key highpoints)
- A report by Symantec identified that India is the worst hit country by Petya in APAC and 7th globally
- The government has asked for National Cyber Security Coordinator, Gulshan Rai to monitor the situation at Jawaharlal Nehru Port Trust (JNPT) where one of three terminals was impacted
- P. Moller-Maersk was also hit affecting multiple sites and business units including the Gujarat Pipavav Port Limited
- Numerous companies have been crippled by global cyberattack, the second major ransomware crime in two months.
Ransomware is a form of malicious software intended to block access or threatens to erase the victim’s data until a ransom is paid. Many popular ransomware malware prefer to obtain payment through Bitcoin as it is difficult to trace. There are numerous types of Ransomwares as of today. Crypto-ransomware: This Malware encrypts the systems files… Continue reading What is a Ransomware?
Petya is a family of encrypting ransomwarethat infects the master boot record and encrypts the NTFS file table, demanding a payment in Bitcoin in order to regain access to the system. The malware specifically targets Microsoft Windows-based systems. Ukraine has emerged as the epicenter of the attack with 60 per cent of the systems infected as reported by Kaspersky.
How does the Petya ransomware work?
- The ransomware takes over computers and demands $300 to be paid in Bitcoin.
- The malicious software spreads rapidly through an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows.
Where did it start?
- The attack appears to have been seeded through a software update mechanism built into an accounting program that companies working with the Ukrainian government need to use, according to the Ukrainian cyber police.
How far has it spread?
- The “Petya” ransomware has caused serious disruption at large firms in Europe and the US, including the advertising firm WPP, French construction materials company Saint-Gobain and Russian steel and oil firms Evraz and Rosneft
- Who is behind the attack?
- Many experts believe that Petya was designed to spread fast and cause as much damage as possible with a believably deniable cover of ‘ransomware’
- Security researcher from cybersecurity blog Krebs on Security stated that ‘Petya’ was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware.
- Pseudonymous security researcher noted that the new Petya is not designed to make money but as a criminal enterprise with intent to hurt victims specifically.
- On account of recent Ransomware outbreaks all over the globe, cyberattacks are the new menace and a global threat. Critically Examine.