India globally seventh most affected by Petya attack

Cyber security experts believe that the new attack was caused by a variant of the Petya ransomware which was unleashed in 2016.

IANS June 29, 2017 15:03:37 IST
India globally seventh most affected by Petya attack

New Delhi: India has become the worst-hit country in the Asia Pacific and Japan (APJ) region and the seventh most affected nation globally as a new ransomware 'Petya' hit on June 27, global cyber security firm Symantec said on Thursday.

India globally seventh most affected by Petya attack

Reuters

Mumbai's Jawaharlal Nehru Port Trust (JNPT), the country's largest container port and some local manufacturing units of global companies were hit, the government confirmed on Wednesday.

However, according to Information Technology Minister Ravi Shankar Prasad, India has largely remained insulated so far from the massive ransomware attack that started in Ukraine and Russia.

"The Petya ransomware attack was clearly inspired by the WannaCry attack, which received so much attention last month. The motives behind WannaCry are still unclear, however, it was not an effective approach to making money for its authors," said Gavin O'Gorman, an investigator in Symantec Security Response, in a post on Thursday.

The Petya ransomware was spread, at least in part, through updates to a Ukrainian tax accounting software.

Symantec has confirmed that MEDoc, a tax and accounting software package, is used for the initial insertion of Petya into corporate networks.

MEDoc is widely used in Ukraine, indicating that organisations in that country were the primary target.

Once on a computer, the malware attempts to spread to all machines on the network, using a combination of stolen credentials and the "Eternal Blue" exploit.

"It also attempts to connect to any computers that the infected computer has recently interacted with. However, unlike WannaCry, it does not attempt to connect to random IP addresses across the internet," O'Gorman added.

Cyber security experts believe that the new attack was caused by a variant of the Petya ransomware which was unleashed in 2016.

It differs from typical ransomware as it doesn't just encrypt files, it also overwrites and encrypts the master boot record (MBR), demanding that $300 in bitcoins be paid to recover files.

Updated Date:

also read

Modi pushes for growth in state exports, says team to review stalled SEZ projects
Economy

Modi pushes for growth in state exports, says team to review stalled SEZ projects

Voicing concern at a large number of stalled SEZ projects across the country, the Prime Minister said a high-level team has been constituted to review the problems and resolve them at the earliest.<br />

ITD Cementation bags contract worth Rs 2,168cr for JNPT terminal
Business

ITD Cementation bags contract worth Rs 2,168cr for JNPT terminal

ITD Cementation today said it has received Rs 2,168 crore order for carrying out the dredging and reclamation works for the 4th container terminal at the country's largest port JNPT.

Mumbai Maersk sets world record in loading highest number of containers, surpasses 19,000-TEU mark
Business

Mumbai Maersk sets world record in loading highest number of containers, surpasses 19,000-TEU mark

The Mumbai Maersk is the newest to enter the triple-E fleet in May this year and is deployed on the Asia-to-Europe service