As per reports rolling in as we speak, India appears to have avoided the worst impact of the ransomware known as Wanna Cry. Speaking on the topic, government officials termed the scale of the attacks on India like “drops in an ocean”.
As per Aruna Sundararajan, secretary, ministry of electronics and IT:
Informally minor instances have been reported but they are like a drop in the ocean.
He said that as far as the government sector was involved, the only major attack was that on the Andhra Pradesh police, which was also contained within 18 computers. The government had not received intimation of any other attack of note.
However, reports coming from cyber security experts beg to differ. While it is true that government organizations were mostly safe, private institutions may not have been quite so lucky. As per reports, several Indian organizations from banking, insurance, manufacturing, retail, IT services, automotive companies, small retail shops and two of the country’s largest BPOs are among those affected.
Speaking with ET, a source said:
At least 45,000 computer systems in India have been infected.
The Indian Computer Emergency Response Team had already issued an advisory and is still keeping a watchful eye on the developments. As per Sanjay Bahl, director general of CERT-In:
Only five incidents have been reported and they are a mix of academia, private sector. We are still monitoring the situation.
However, he did say that the future was far from certain as the hackers could well release a different version. He also said that government organizations had already updated to the security patch issued by Microsoft. Organizations such as National Informatics Centre (NIC) which controls all central and state government systems, the central bank as well as the National Payments Corporation of India and the Unique Identification Authority of India, have also received warnings over the weekend.
Meanwhile, government officers could well say that India has avoided the worst. However, the truth with these type of attacks is that they are always a threat. Sending out a new, improved version of Wanna Cry would be as simple for the hackers as sending a mass of e-mails with contaminated files. And considering that they are already said to have made over $50,000 ($25,000 by some accounts), it is unlikely that they will stop.