wordpress blog stats
Connect with us

Hi, what are you looking for?

Petya ransomware in India: Jawaharlal Nehru Port, WPP Group hit

Malware

Danish logistics and container transport firm Maersk’s global ransomware attack has affected its control terminal in India which is located at Jawaharlal Nehru Port Trust (JNPT) in Mumbai. As per a government statement, the private terminal assigned to Maersk has been affected by a ransomware attack, and not its domestic terminals. This means that the cyber attack was not targeted at the Mumbai port, but merely a consequence of hackers targeting Maersk’s global operations.

A Reuter report pointed out that Maersk’scomputer systems were hit by the global Petya cyber attack, delaying shipments and order processing systems. Around 76 terminals run by the conglomerate at different ports in the country have been affected including in the United States, India, Spain and the Netherlands. Petya ransomware largely swept Europe this week and as per media reports, the ransomware Petya is more than holding ransom and collecting money.

Apart from this, UK’s WPP Group, an advertising and publishing company were also affected by the global cyber attack and seems like the company’s India unit has also been affected. Employees at WPP owns offices in India— GroupM, Maxus, Mindshare, Mediacom, MEC, JWT India, O&M, and Genesis BM—have received warning messages today asking them to turn off all Windows operated computers, according to Economic Times.

Petya is more than a ransomware: Researchers

According to a Securelist report, Petya encrypts files on a computer and asks the user to pay $300 in ransom to receive decrypt keys. It was originally discovered in May 2016 by Kaspersky Lab. It not only encrypts data, but also overwrites a hard disk drive’s master boot record (MBR); this means infected PCs cannot boot their original operating system but rather a malicious code that prompts a command window. The report adds that Petya is more than ransomware, it’s a tool which can be classified as “Ransomware-as-a-Service model”.

Hackers simply put their malicious code on a packaged software or an online product which is already running on machines. This is done using a Windows exploit called ‘EternalBlue‘. Once infected, it spreads and distributes itself to neighbouring networks and PCs. The nature of this cyber attack has raised eyebrows since there is a possibility that hackers are targeting not only profits in form of ransom, but also destroying files.

In many instances, machines infected with Petya were not able to decrypt files, even after the ransom payment was made to the original attacker via bitcoins, reports The Verge. A Bitcoin address associated with the attacker (tip: TheVerge) shows that as of 12:30 IST, 45 successful incoming transactions have been made. A total of 3.99009155 bitcoins were received by the attacker, which translates to just over $10,000. The Securelist report also points out that hackers using Petya placed “protection mechanisms” into their malware (software pretending to be legit) to stop other hackers from duplicating the malware code.

Here is more reading to understand how to protect systems against such an attack.

You May Also Like

News

Mobile number porting requests increased by 20% to 8.2 million requests in December 2020, compared to 6.8 million porting requests reported in November 2020....

News

Due process was not followed by Kerala’s IT Department in finalising the contract with US-based data analytics platform Sprinklr, a report by an enquiry...

News

As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...

News

The Payment Card Industry Data Security Standard (PCI-DSS), the international body for card security, is working on updating security standards for card and mobile...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ