How Vulnerable are we to Global Ransomware Cyber-Attack and What we Need to do About it

Pradipto Chakrabarty, Regional Director, CompTIA

Wannacry, the cyber-attack that crippled Britain’s National Health Service and jammed hundreds and thousands of computers in Spain, Russia, Ukraine, Taiwan and several other countries last week, should be a wake-up call for all of us – individuals, organizations and governments – who tend to take cyber security lightly.

What’s Wannacry all about? It is ransomware, a particularly nasty type of malware that blocks access to a computer or its data and demands money to release it. The malicious software is planted on the network and temporarily prevents users from accessing their systems until a specified amount of “ransom” is paid electronically. Usually the ransom demand is in the form of cryptocurrencies such as Bitcoin, whose transaction trail is virtually untraceable. Once the ransom is paid, the files and data are decrypted by the hacker. In most cases the lockdown is done through Trojans, which are planted into the network system via simple phishing or spam emails.

Wannacry was the most widespread and contagious malware attack in history. Hackers used a flaw in Microsoft software to infiltrate unguarded systems. Microsoft had released a patch against this flaw in March, but many system administrators failed to patch all computers, and the ones that were left unpatched became vulnerable to this attack.

The ransomware has the ability to jump from one network to another, prompting some cyber experts to coin a new term, “ransom worm”. Interestingly, this flaw was used by the NSA (the National Security Agency of the USA) to infiltrate computers across the world. However, the NSA had reported this flaw to Microsoft, leading the latter to develop a patch for it. Hackers used vulnerable machines within the networks of institutions such as the NHS, UK (the National Health Service) to lock down electronic medical processes, leading to numerous problems.

A ransomware attack can potentially stop critical services from functioning, and stakeholders therefore have very little negotiating power, leading them to comply with the “ransom demand” immediately.


Its impact on a service like Aadhaar
Till now Aadhaar has been predominantly a non-linked service, which means that it contained mostly demographic information of citizens. But now Aadhaar is being linked to bank accounts, income tax, PAN and other more sensitive information. This makes it a huge threat surface for hackers to intrude. Imagine a situation where an intrusion happens through Aadhaar. Since the user’s bank account is linked with his Aadhaar number, the ransomware can lock down the account and make it unusable unless a “ransom” is paid. Imagine the havoc and destruction it can create if something like Wannacry were to hit UIDAI.

As we move towards a cashless economy the threat becomes graver. In an increasingly digitalized India, the volume of electronic transactions will increase. Since Aadhaar is now being linked to our bank accounts, it is possible that, if we are unprepared, a cyber-attack like Wannacry could access and lock our bank accounts. The sheer volume of Aadhaar numbers and their linked financial accounts makes the Aadhaar system a sitting duck. According to a newspaper report, the outdated version of Windows XP that Wannacry managed to exploit is used by 70 per cent of Indian ATMs.

The losses from such a cyber-attack need not only be financial. The damage could be much more than financial in sectors such as manufacturing, traditional health care and power generation, which have not patched their systems to ensure security. According to CERT-In, nearly 11,000 networks in India have been victims of probing and scanning in the past 14 months. Scanning and probing is the first step used by hackers, where they monitor the systems. This is generally followed by the insertion of malware or ransomware.

Safeguards we need to take
Does it need to be done at the individual level or at the government level? The responsibility lies with both institutions and individuals. In the recent Wannacry attack, it is clear that the system administrators failed to secure all the systems on the network with the updated patch, leaving them vulnerable.

Institutions and governments need strong cyber security and cyber-defense strategies. Cyber-defense capability, in particular, is an important mandate as hacking becomes extremely easy and pervasive. From an individual’s standpoint, we should first be aware that our digital devices may be compromised. In terms of best practice, it is advisable to keep our antivirus updated and look out for new patches that keep our software updated. Needless to say, downloading and accessing unauthorized software or websites should be a strict no-no for both personal devices and systems within enterprise networks.