RailWire, the Internet provider established by the Indian Railways and Google, was the hardest-hit in the WannaCry ransomware attack that was first reported around two weeks back. The ISP accounted for 32.14% of all instances of the ransomware recorded by security firm eScan. The firm published a blog post on the impact of the cyberattack in India. RailWire apparently did not put up a firewall to block the protocol through which WannaCry spread through Windows machines, potentially exposing many of the hundreds of thousands of users who use its service everyday. According to the post, Madhya Pradesh was the hardest-hit state, accounting for over 32% of WannaCry in India. Maharashtra and Delhi came in at 2nd and 3rd most affected respectively. "While the Government is installing free Wi-Fi spots at various spots all over India, there is need to validate the internal security of these networks and there is also a need to ensure that all the consumers who are using RailTel’s free Wi-Fi service should do so with some caution," eScan said in a blog post. The ransomware spread through a vulnerability on the SMB protocol, which Windows machines, especially in local networks, use to exchange files and connect to devices like printers. The vulnerability was 'stockpiled' by the US's National Security Agency, and was a part of a massive trove of documents leaked from the agency by a hacker. While Microsoft rolled out updates for most Windows machines as early as April, they did not roll them out for…
