India was affected far worse by the WannaCry ransomware attack in May than official statistics suggest, said P.C. Haldar, former director of the Intelligence Bureau, on Friday. He was speaking at a session of the Security 360 — Synergia Conclave-2017 inaugurated in the city.
“India was one of the worst-affected areas by the WannaCry ransomware. The official figures say around 45,000 computers were affected. But [the actual] number may be around 2.5 lakh,” he said, refusing to elaborate further. He said under-reporting of data breaches hinders realistic assessment of the extent of vulnerabilities. “The recent data breach at a tech major was also underplayed,” he said.
He said three issues have left India very vulnerable to a cyber catastrophe waiting to happen — non-updation of software and hardware even in government systems, lack of cyber hygiene, and under-reporting of breaches. “The next 9/11 likely to happen in cyberspace [is] predicted to be far more disruptive than the 9/11 attacks of 2001 in the USA, and it will happen because of lack of cyber hygiene and outdated systems,” Mr. Haldar said.
WannaCry played on a bug in Microsoft that was known but not plugged in time. Numerous government systems run on Microsoft XP even today, and most are neglected and not updated. The ATMs that were recently affected were those running on XP. Mr. Haldar said it is such vulnerabilities that cyber attackers prey on.
He opined that though it would take up resources, the government needs to take up a drive to update its systems.
COMMents
SHARE