In a first, Forest Dept falls prey to ransomware attack

Crucial data pertaining to accounts and finance of State Forest Department was ‘locked’ by unidentified hackers in mid-March

Published: 29th September 2016 03:44 AM  |   Last Updated: 29th September 2016 03:44 AM   |  A+A-

By Express News Service

THIRUVANANTHAPURAM: In a first incident of its kind, a government department fell victim of ranswomware attack by cyber criminals.
As per information, crucial data pertaining to accounts and finance of State Forest Department stored in a local network comprising 20 computers at its headquarters was found ‘locked’ by unidentified hackers in mid-March this year.
Officials said hackers locked the files using the notorious ‘RSA-4096’ virus, which infected the computers after an official inadvertently downloaded an image file and shared it in the local network. The hackers, suspected to be Russians, then demanded an undisclosed ransom amount to unlock the data.
A 25-member IT wing (Forest Management Information System-FMIS) of the department tried to get rid of the bug for nearly a month, but in vain. Later, the matter was referred to antivirus providers and then to the Computer Emergency Response Team-Kerala (CERT-Kerala), a nodal agency of Kerala State IT Mission for cyber security. The measures suggested by the latter were tried out, but the encryption with strong algorithm proved to be be a tough nut to crack.
Now, it is learnt that the department has decided to forgo it.     
“Being a government department, we could not think of paying ransom. Besides, there was no guarantee that hackers would restore the data after payment. The only option left was to forgo it to prevent any more damage.” said an FMIS official, who did not want to be named.
After losing the battle to hackers, FMIS officials deleted the files in affected computers and beefed up IT security.  According to NIC, this was the first reported case of ransomware attack on a public system in the state.
The incident also exposes the vulnerability of government’s IT infrastructure.
State vulnerable
IT experts warned that government systems, hospitals and others were increasingly coming under attack from cyber criminals. Even Symantec, a cyber-security company, ranked India fourth in terms of vulnerability to ransomware attacks.
“This prompted the Centre to issue guidelines to state IT agencies to take sufficient precautions,” said Renjith A, project manager of CERT-Kerala.
“Cyber criminals turned to ransomware attacks, after IT security in banks got improved. Government systems are easy targets, as they lack necessary security measures.” said Rahul Sasi, information security expert and chief technology officer of cloud security service CloudSek.


India Matters


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp