New wave of ransomware attacks in India

Ransomware worm WannaCry made headlines last year after it created panic in various countries across the globe. India was no exception from the attack. A year later when most of the infrastructure associated with the ransomware has been taken down, new reports have emerged stating that WannaCry still exists in dormant form.

For the people who don’t know what a Ransomware attack is, it is when a cybercriminal infects a computer system with a malicious piece of software and encrypts the data of the user on that system. The criminal then locks the system down asking for money or other aid of financial aid in a particular period of time while threatening that the victim will lose their data if they fail to comply.

This is observed by telemetry servers of the internet security provider eScan. In a statement, the company stated that eScan's telemetry servers have been picking up reminiscent artefacts of WannaCry ransomware on regular basis.

According to the report, Maharashtra received the highest number of Ransomware attacks, 56%, of total Ransomware attacks that were aimed at India in June 2018.

The top states which have been affected by ransomware are:

Maharashtra 56%
Delhi 13%
Gujarat 12%
Telangana 9%
Tamil Nadu 9%

The telemetry servers observed that newer ransomware and various variants are being added to the family. Those in active stage include GandCrab and ZZZ. The security solutions firm reported that GandCrab has taken center stage in last few weeks and is evolving at a much faster rate.

This development is serious and should be a cause for concern because India is the fifth most attacked country in the World and the third most attacked in Asia. The report went on to point that 20.77% of Ransomware attacks were recorded around the world in the month of June and India recorded 22.94% Ransomware attacks in the same month.