• News
  • Columns
  • Interviews
  • BW Communities
  • Events
  • BW TV
  • Subscribe to Print
BW Businessworld

Jotting: Digital Ransom

72 hours after the email arrives, the $300 ransom doubles

Photo Credit : Shutterstock


Kidnapping people and sending out ransom notes is passé. Cyber criminals send you an email with a link. Click it and all hell breaks loose — your files (documents, spreadsheets, photos etc.) get encrypted and locked. You just won’t be able to open them, unless you pay the ransom.

Payment is demanded in Bitcoin cryptocurrency. After 72 hours, the $300 ransom doubles. After seven days your files are permanently locked. The world got a taste of this when a nasty malware called WannaCry struck computers running older versions of the Windows operating system and left millions in tears. The malware attack was first reported on 12 May.

Since then, more than 200,000 computers in 150 countries have been infected. Computers that run older versions of the Windows operating system, such as Windows XP, were hit first. Even computers for which security updates or patches had not been applied, have been affected. Hackers find vulnerabilities in operating systems and try to exploit them by tricking users into downloading malware or malicious code. Once the code is installed on the machine it takes control and does whatever the hacker intended. Ransomware encrypts and locks files.

To counter such attacks, Microsoft regularly issues updates for its operating systems. The day after the outbreak Microsoft released an emergency security patch for Windows XP. So, did WannaCry drive Indian companies to tears? Sharda Tickoo, Technical Head, Trend Micro, India said India was the “worst hit” in the APAC region. “This malware is different as it is trying to exploit legacy systems. In India we still have many machines running on legacy operating systems like Windows XP and Windows (server) 2003,” said Tickoo.

Nicolas Drogou, Head, Security Practice, Asia Pacific, Orange Business Services said, “In Singapore, it didn’t affect many companies but government institutions were openly breached and attacked.” Experts say the best way to protect yourself from WannaCry is to take a multi-pronged approach: make backups, patch software, upgrade to the latest operating system and isolate infected systems.

Electronic payments and online transactions in India dipped following the outbreak of WannaCry. This impacted the e-commerce industry and services/utilities companies. Samir Shah, CEO Aurionpro said, “In most hospitals, on average, 11 per cent have equipment that run older versions of Windows. For them patching end-points is not a regular routine, as you would see in say, the banking industry.” Imagine the chaos at airports, railway stations and hospitals if WannaCry strikes there. Makes you “wanna cry,” no?