Tamil Nadu Public Department comes under ransomware attack

Sensitive documents encrypted

September 18, 2021 01:42 pm | Updated September 19, 2021 01:15 am IST - CHENNAI

Photograph used for representational purposes only

A ransomware attack is said to have encrypted certain sensitive documents of the Tamil Nadu Public Department since Friday morning. Some of the files encrypted relate to VIP visits, their programmes and related arrangements made by State Protocol officials, official sources said.

While the suspect has demanded payment of 1,950 USD in cryptocurrency as ransom for handing over the decryption code, cyber security experts from the Centre for Development of Advanced Computing (C-DAC) and Computer Emergency Response Team are trying to retrieve the encrypted documents, sources in the State Secretariat here told The Hindu on Saturday.

Soon after the ransomware attack, officials from the C-DAC, with whom the State Government’s Electronics Corporation of Tamil Nadu (ELCOT) has a tie-up for e-governance and cyber security management issues, inspected the desktop computers that displayed a message from the suspect demanding payment of ransom in cryptocurrency, the sources said.

Outdated OS

Of the 12 desktop computers used at the particular section in the Public Department, about 8 were found to be operating on the Windows-7 Operating System which, cyber security experts said, was an outdated platform with little or no support from Microsoft. Because of this, the desktop computers had no security/software updates and anti-virus mechanism to prevent ransomware or other cyber attacks.

Though officials were trying to retrieve the content of files that remain encrypted from other sources, cyber security officials from the Tamil Nadu police who inspected the desktop computers said there was no compromise whatsoever on VIP security protocol or any other matter that could affect the routine functions of the State government.

Policy matter

“We need an effective IT security policy and First Responders in computer forensics to handle such situations. Use of outdated operating systems with no software updates and anti-virus protection remains a threat. The ransomware is click-based and could have landed in the form of a WhatsApp message (opened on a desktop computer), email, pop-up etc.,” a senior official who is part of the investigation team said.

According to cyber experts, there has been an increase in ransomware attacks in recent times. Suspects operating from unknown locations often target prominent personalities and demand payment of ransom by claiming that they had access to sensitive personal data or websites visited by them.

“Even if a few respond and make payments, that’s good enough for the suspects. Awareness on cyber safe practices when it comes to internet usage and updated systems supported by secure networks is the key,” the official said, adding that a formal complaint would soon be lodged with the police.
