Indian cyberspace received the highest number of “ransomware” attacks in the world between March and May this year, according to data released by Kaspersky Lab. “Ransomwares” are malwares that try to extort money from a user by taking control of the victim’s computer or files and documents stored on it.
What makes the development worrisome is the fact that with the launch of the “Digital India” and Smart City initiatives, the potential for cyber threat has been increasing manifold. Among the most malware-infected states in India, Karnataka tops the list with 36.58% of the total “infections”, while Delhi has bagged the fourth position with 10% and Haryana is the least affected state with just 1.96% of malware “infections” between March and May this year. Education and research institutions are on the top of the list of malware attackers, while print media companies are the least affected.
Very recently, the “Locky ransomware” affected about 150 computers in the Maharashtra government’s Revenue and Public Works Departments. According to IT officials, the malware must have spread through a spam email received by one of the officials in the department.
Altaf Halde, Managing Director (South Asia), Kaspersky Lab, India, said, “In India, awareness about malicious software is lacking and it is because of this that people get affected with such kind of viruses or malwares.”
“At a time when India is talking about ‘Digital India’ and ‘Smart Cities’, it is important for India to also provide for security in cyberspace where the computer system and other ‘cloud systems’ would be protected. To this, we have come up with an industrial solution through the use of a ‘light agent’ software where we would be providing a 360 degree solution to these problems along with cyber security training.” Altaf added.
According to Vitaly Kamluk, head of the APAC (Asia Pacific) Global Research and Analysis Team, Kaspersky Lab, and Security Researcher at INTERPOL, one of the major threats in cyberspace presently is the growing presence of “ransomwares”. “Ransomwares are malwares that try to extort money from a user by taking control of the victim’s computer or files and documents stored on it. Typically, a ‘ransomware’ either locks the computer or encrypts your data in such a way which is not accessible by you until you pay the ransom for the hostage,” Vitaly said.
The first “ransomware” was detected in 1989 and it was known as the “AIDS” ransomware. Since then, there have been several “ransomware” malwares developed over the years, with the “Petya” ransomware being developed this year. According to experts, Russian cyber criminals typically develop most of these “ransomwares”.
Asked how it is for an anti-virus software researcher to have to cope with researchers who are working equally hard to develop malwares, he said, “It happened in 2009 when we received way too many malicious samples every single day—about 300-350. We do not have thousands of people to tackle such large malwares every day. So we invested in developing the ‘ultimate malware recognition technology’ and it is now through such robotic technology that the laboratory develops anti-malwares and tune them on a regular basis to tackle such situations.”
In order to avoid such attacks on one’s system, users need to keep their software updated continuously so that they can get the latest decryption code, have a safe backup of all their valuable data, uninstall all used applications and use a reliable solution, which includes using a reliable anti-virus software. “In the age of global cyberspace, along with the homegrown hackers, governments should focus on development of cyber security, knowledge and expertise. They should also start training for cyber security in colleges or schools for people to better understand cyberspace and its potential threat and prevention methods. Also, the government should frame strong cyber laws to stop cyber crimes,” Vitaly added.