48,000 attempts of WannaCry ransomware attack detected in India: Quick Heal

By : |May 16, 2017 0

Many organisations and networks in over 150 countries were crippled by the recent WannaCry ransomware outbreak. According to IT Security solutions provider, Quick Heal, it detected over 48,000 MS-17- 010 Shadow Broker exploit hits responsible for ‘WannaCry ransomware’ outbreak in India with West Bengal witnessing the most incidents.

Among the attempted attacks by the malicious WannaCry ransomware, 60 percent were targeted towards enterprises and 40 percent towards individual customers. Quick Heal and its enterprise security brand, Seqrite, successfully detected this ransomware activity and cleaned the malicious file responsible for file encryption from all the attacked systems.

The top five cities impacted by the WannaCry ransomware in India are Kolkata followed by Delhi, Bhubaneshwar, Pune, and Mumbai. The top five states with maximum detections are West Bengal, Maharashtra, Gujarat, NCR (Delhi), and Odisha. The company received over 700 distressed calls regarding the spread of this ransomware.

“Our observation is that the attack is not focused towards any particular industry but it is widely spread across industries especially those organisations which are online and connected. In the last few days, we have received distressed calls from customers belonging to verticals like education, banking, financial, manufacturing, health care and even from few services sectors,” said Sanjay Katkar, MD & CTO, Quick Heal Technologies Limited.

Soon after the ransomware attack was spotted, Quick Heal Security Labs issued an advisory informing the customer on ways to reduce the risk of infection by WannaCry Ransomware. The company recommended that all Microsoft patch updates are applied for vulnerabilities used by this ransomware.

CIOL 48,000 attempts of WannaCry ransomware attack detected in India:

Notably, in the wake of global outrage, Microsoft too took a “highly unusual” step to provide public patches for Windows operating systems that are in custom support only. This includes specific fixes for Windows XP, Windows 8, and Windows Server 2003.

Microsoft usually charges businesses to provide custom support agreements for older versions of Windows, which include critical and important software updates from Microsoft beyond the normal end of extended support point. “Seeing businesses and individuals affected by cyber attacks, such as the ones reported today, was painful,” explained Phillip Misner, a security group manager at Microsoft. “Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only.”

Quick Heal advises that security software must be kept up-to-date with latest signature updates. Taking a regular backup of important data and periodically checking the backup restoration process is critical. Users are also advised to avoid clicking on links and opening attachment in emails from unknown and suspicious sources.

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.