Ransomeware Threat is looming large in India

INDIAN Corporate world is facing a new challenge and that is a threat of ransomewear.

Throughout 2016, ransomware has become an increasingly popular malware for hackers hitting small to big companies alike in India. The threat that was perceived to be a threat to western world, entered Indian territory with a big bang in the early 2016. Surprisingly Indian Industry is tight lipped about it, including the victims, who fell prey to such hackers and silently paid the ransom to the hacker. The fear bad publicity prevents Indian Industry from making a hue and cry about these attacks and the very same reason is an alarming sign to Indian Industry. As not many of the innocent potential victims aren’t aware about this menace and hence are ill prepared to face this challenge.

As hackers find creative ways to extort money by holding computers hostage, ransoms are becoming less affordable while the malware becomes tougher to crack.

In a recent case that happened in Mumbai, close to 1000 computers in a company were the target of ransomeware and all the data on these 1000 odd computers was encrypted by a ransomeware. The hackers proposed to send the decryption key, once their demand of 1.7 Bitcoins per computer is met. In current situation 1.7 Bitcoins can be bought for Rs.1.30 Lakhs. Just imagine the cost involved to get data decrypted on all the 1000 odd computers.

Ransomware attacks have increased by 50 percent in 2016 from 2015, now the fifth most common type of malware. In 2014, it was only the 22nd most common, according to Verizon’s 2017 Data Breach Investigations Report.

The report also found that ransomware made up more than 70 percent of malware attacks on the health care industry, which includes hospitals, pharmacies and insurance agencies.

In 2016, Symantec found 463,841 instances of ransomware attacks, which rose from 340,665 in 2015. They also discovered 100 new variations of ransomware, tripling since last year. Over the last year, the security company found an average of 1,271 ransomware attacks each day.

Ransomware’s rise comes from both how easy it is to share the malware, as well as how profitable the attacks are. When cyber criminals can share the software with each other and send out ransomware to infect systems in mass amounts through email, it’s a quick formula for an easy buck.

“Ransomware has shown a propensity for monetization and automation,” said Gabriel Bassett, the Verizon’s report co-author. “As long as the industry allows the same things to work, we’re not going to see huge changes because the attacks are all economically driven.”

They can afford to raise the price when the majority of victims are willing to just pay the price. In the US, 64 percent of ransomware victims opt to pay the ransom, with the software often times being too difficult to crack, even for the FBI.

Attacks have become more sophisticated, going after entire drive systems as opposed to specific files to hold hostage. Ransoms can now also increase for every day it’s not paid, and some ransomware function as pyramid schemes, offering freedom if victims can infect two or more people.

Indian Industry need to pull their socks up, if they want to fight out this menace. More people fall prey to the hackers and pay up, the ransom demand as well as attacks are going to increase. The industry needs to secure their perimeter and fortify the digital assets. Most importantly, industry needs to educate their employees from clicking on malicious links or visiting malicious websites, which normally is the gateway for ransomeware to enter the digital domain. of an oraganization.


Sextortion is on rise in India

While assisting one of the cyber cell in investigation of a Cyber-Extortion case, we came across a very typical cyber crime. An individual from Mumbai city receives a friend request from a very appealing and beautiful girl and he readily accepts it. Soon they start chatting on facebook messenger and their friendship grows into an intimate relationship, within no time. The girl asks individual to switch over to Skype from facebook messenger. They both soon start chatting on skype. On a particular day, in the night, while both are chatting on skype, the girl tells the guy that she was feeling differently and starts acting naughty. The girl starts stripping her clothes. Guy cant believe his luck. The girl strips to her bare minimum and asks the guy to do the same. Within no time, the guy repeats her act and removes all his clothes. The moment he strips down, the girl excuses herself for sometime to come back soon. The guy waits for her to come back. The girl after coming back, sends him text on skype telling him that whatever strip show he performed in front of web cam on skype has been recorded by her and she is soon going to send this web cam recorded video to all his friends on his facebook page. She tells him to send 5000$ to her account if he doesn’t want his strip show to be sent to his friends. The guy shows his reluctance to send the money. The girl sends him the youtube link, where she had uploaded his video of strip show. The guy watches the video and decides to lodge compliant with the police.

This kind of crime is called as Sextortion and is rampant all over the world since last few years. In most cases, these kind of sex extortion rings are located in few African countries including Nigeria whereas few such call centers running these kind of sex extortions are located in south-Asian countries such as Philippines.

In many cases, the strip show by the girl is a prerecorded strip show. There is group of extortionist involved in such kind of crimes, who create fake facebook profiles of girls and plant such videos in Skype conversation.