WannaCry, a ransomware, is in the list of world’s biggest cyber attacks ever. This year in May, the malware spread like a wild fire all over the world and engulfed some major organisations within its impact. While the news died down a little over the last few months, the hackers have not. After affecting some parts of India, including Andhra Pradesh, Gujarat, Kerala and West Bengal, WannaCry has attacked a publishing firm in the national capital, New Delhi. According to an Indian Express report, Delhi has witnessed its first ransomware cyber attack. The report said that employees of Rachna Sagar Private Limited were “locked” out of more than 200 computers.
WannaCry malware is a known cyber attack which exploits potential vulnerabilities of computer systems. Using this, hackers encrypt files from systems and demand ransom in exchange for unlocking them. According to IE, the cyber attack in Delhi was reported last Wednesday. The staff at Rachna Sagar found that the employees were not able to login to their user profiles, but only their ‘demo’ accounts. In 2016, a ransomware attack was used to target the Mumbai police system, and several files were encrypted by hackers.
When the IT staff of the company found out about the ransomware attack, the hackers posted a message demanding a ransom between 800-1000 US dollars in Bitcoin. IE reported that the matter is under investigation and the data has yet not been recovered. The complaint has reportedly been registered at Darya Ganj police station. An excerpt from the complaint, as reported by IE, reads as: “This morning, when we started our work and opened Busy software, we received a text message which said our files are encrypted. The message said we have to pay money to enable decryption of our files.”
The company which has been attacked uses an accounting software called ‘Busy’, where employees have two accounts where they log in for accounting transactions: live and demo mode. Users have to gain access to the live mode to conduct business, which they have been locked out of by the hackers. IE quoted a source saying that the publishing company has not been able to function, especially its billing processes ever since the attack.