THIRUVANANTHAPURAM: In a first incident of its kind, a government department fell victim of ranswomware attack by cyber criminals.
As per information, crucial data pertaining to accounts and finance of State Forest Department stored in a local network comprising 20 computers at its headquarters was found ‘locked’ by unidentified hackers in mid-March this year.
Officials said hackers locked the files using the notorious ‘RSA-4096’ virus, which infected the computers after an official inadvertently downloaded an image file and shared it in the local network. The hackers, suspected to be Russians, then demanded an undisclosed ransom amount to unlock the data.
A 25-member IT wing (Forest Management Information System-FMIS) of the department tried to get rid of the bug for nearly a month, but in vain. Later, the matter was referred to antivirus providers and then to the Computer Emergency Response Team-Kerala (CERT-Kerala), a nodal agency of Kerala State IT Mission for cyber security. The measures suggested by the latter were tried out, but the encryption with strong algorithm proved to be be a tough nut to crack.
Now, it is learnt that the department has decided to forgo it.
“Being a government department, we could not think of paying ransom. Besides, there was no guarantee that hackers would restore the data after payment. The only option left was to forgo it to prevent any more damage.” said an FMIS official, who did not want to be named.
After losing the battle to hackers, FMIS officials deleted the files in affected computers and beefed up IT security. According to NIC, this was the first reported case of ransomware attack on a public system in the state.
The incident also exposes the vulnerability of government’s IT infrastructure.
IT experts warned that government systems, hospitals and others were increasingly coming under attack from cyber criminals. Even Symantec, a cyber-security company, ranked India fourth in terms of vulnerability to ransomware attacks.
“This prompted the Centre to issue guidelines to state IT agencies to take sufficient precautions,” said Renjith A, project manager of CERT-Kerala.
“Cyber criminals turned to ransomware attacks, after IT security in banks got improved. Government systems are easy targets, as they lack necessary security measures.” said Rahul Sasi, information security expert and chief technology officer of cloud security service CloudSek.