First and foremost, let’s clarify exactly what WannaCry is. This malware is a scary type of trojan virus called “ransomware.” As the name suggests, the virus in effect holds the infected computer hostage and demands that the victim pay a ransom in order to regain access to the files on his or her computer.
RansomWare like WannaCry works by encrypting most or even all of the files on a user’s computer. Then, the software demands that a ransom be paid in order to have the files decrypted. In the case of WannaCry specifically, the software demands that the victim pays a ransom of $300 in bitcoins at the time of infection. If the user doesn’t pay the ransom without three days, the amount doubles to $600. After seven days without payment, WannaCry will delete all of the encrypted files and all data will be lost.
The agency is urging Indian victims to avoid paying the ransom and contact law enforcement for support.
“Individuals or organizations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and law enforcement agencies,” the cybersecurity authority stated.
The ransomware threat is particularly predominant in the country, where nearly 60% of Indians use pirated software, according to a 2015 survey. A sizable portion of small and medium industries in the country continue to use pirated versions of the Windows operating system, affording them no Windows updates or patches. This leaves them vulnerable to the exploit enforced by WannaCry, which was patched by Microsoft earlier this year in March. Further, legal experts claim that this category of users suffering losses incurred from WannaCry will not be able to report losses due to the use of pirated software.
In the state of Kerala, computers belonging to two village administrations were hit. An official stated:“There is no major impact in India, unlike other countries. We are keeping a close watch,” stated India’s IT minister Ravi Shankar Prasad. “As per the information received so far, there have been isolated incidents in limited areas in Kerala and Andhra Pradesh.”
The four computers were switched on as usual and they were unable to open any document files as the virus displayed messages demanding a payment of $300 in virtual currency Bitcoin to unlock files and return them to the user. We have informed the district authorities about this.
In a twist of irony, the use of outdated software among Indian banks and ATMs have reportedly made ATM networks immune to the ransomware attack. A majority of Indian ATMs still use the outdated and out-of-support Windows XP operating system, stroking fears of an ATM blackout in the country.