The Indian Computer Emergency Response Team (CERT-In) has issued an alert about spread of new ransomware (malicious software) ‘Locky’ that can lock computers and demand ransom for unlocking them. Ransomware is basically type of malicious software designed to block access to computer system until sum of money is paid.
Locky ransomware is being circulated through massive spam campaign in which spam emails with common subject lines target computers by locking them and demanding ransom for restoring access to users. It first had surfaced in 2016.
It encrypts files on victims’ PCs and adds a .locky file extension. The attackers then demand ransom in Bitcoin payment to unlock the files. It is demanding ransom of half bitcoin, which at present rate is equivalent to over Rs 1.5 lakh. So far, it has extorted more than $7.8 million in payments, according to a recent study. However, its impact on Indian systems is not clear so far.
The Locky Ransomware cyberattack is third major ransomware attack this year after Wannacry and Petya which had crippled thousands of computers, including those of multinational corporations. According to an Assocham PWC study, India was third worst affected country in list of over 100 countries hit by Wannacry in May 2017.
CERT-In is nodal agency for information technology security under aegis of Department of Information Technology, Ministry of Electronics and IT. It was established in 2004. Its mandate is to protect Indian cyberspace and software infrastructure against destructive and hacking activities. It also responds to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout country. It also issue guidelines, vulnerability notes, advisories, and whitepapers regarding to information security practices, prevention,