Ransomware attack on Delhi-based diagnostic centre

Unknown hackers gained illegal access to servers and encrypted the data, demanding ransom from the owner in the form of bitcoins to restore the data

August 04, 2016 12:00 am | Updated 05:35 am IST - NEW DELHI:

An illustration file picture shows a projection of binary code on a man holding a laptop computer, in an office in Warsaw June 24, 2013. Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the U.S. government's Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda. But to Jared Myers and colleagues at cybersecurity company RSA, it is called Shell Crew, and Myers' team is one of the few who has watched it mid-assault and eventually repulsed it. Myers' account of a months-long battle with the group illustrates the challenges governments and companies face in defending against hackers that researchers believe are linked to the Chinese government - a charge Beijing denies. To match story CYBERSECURITY-USA/DEEP-PANDA REUTERS/Kacper Pempel/Files

A diagnostic centre in the national Capital was recently targeted by unknown hackers who, through ransomware, gained illegal access to its servers and encrypted the data.

They demanded ransom from the owner in the form of bitcoins to restore the data.

There has been a spurt in the use of ransomware by unscrupulous hackers to extort money from individuals and companies in the past few years. While a large number of cases were initially reported in the United States and European countries, according to cyber security experts, lakhs of computers are now getting infected by various versions of ransomware every year worldwide.

The hackers first encrypt the computer user's data and then demand a ransom to restore it, asking for payment in bitcoin to evade detection. The ransom amount is usually kept small to ensure that the victims pay up without seeking legal recourse.

Complaint

Based on a complaint from the diagnostic centre, the Central Bureau of Investigation has registered a case under Section 384 (punishment for extortion) of the Indian Penal Code and Section 66 (computer related offences) read with Section 43 (damages and compensation for the offence) of the Information Technology Act.

The incident happened recently when computer operators at the diagnostic centre discovered that they were unable to access the data saved in the servers. The files when opened would just flash a message from the hackers: “Data is encrypted”.

Then the diagnostic centre received anonymous emails from the hackers demanding a ransom of $1,300 in the form of bitcoins.

Virtual crypto-currency

Bitcoin is a virtual crypto-currency that was invented in October 2008. One bitcoin is currently worth Rs.40,541. Several countries have not prohibited its use, some have come up with regulatory mechanisms for it, whereas several countries see it as a potential tool for money laundering operations, terror funding or other criminal activities.

RBI public advisory

In December 2013, the Reserve Bank of India issued a public advisory cautioning against transactions in virtual currencies like bitcoin. Days later, the Enforcement Directorate conducted searches at the Ahmedabad office of a website dealing in virtual currency.

In April this year, alarmed by the rising incidents of ransomware attacks, the US’s Federal Bureau of Investigation issued a public advisory.

“Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted recently by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them,” said the statement.

The FBI said during 2015, law enforcement agencies had seen an increase in such cyber attacks, particularly against organisations as the payoffs were higher. “And if the first three months of this year are any indication, the number of ransomware incidents — and the ensuing damage they cause — will grow even more in 2016 if individuals and organisations don’t prepare for these attacks in advance,” said the advisory, recommending robust technical prevention controls.
