WannaCry ransomware: Cyber cell's warning came too late, says advocate
Bengaluru: The red alert, which was issued on Monday by the Computer Emergency Response Team of India (CERT-In) – India’s nodal cyber security agency on ‘WannaCry’ ransomware – a global cyber-attack that has hit 150 countries since May 12, has come “too late,” says Mr Neeraj Aarora, advocate on record, Supreme Court, cyber lawyer and international arbitrator.
“In India, such attacks have gained momentum in the last two years and all the investigation agencies as well as the CERT-In, Ministry of Information Technology, are aware of threats. But no steps have been taken so far to educate the stakeholders on the importance of maintaining a data backup and protecting their systems from any kind of malware or creating specialised skills and cyber forensic tools to investigate and prosecute such offenders. The advisory should have been issued much earlier in the wake of a looming threat of ransomware. It is too late for those who have already been victimised by the cyber attack, because they will not be able to get their data back even with the best of cyber forensic tools in the world,” he said
Ransomware, he said, is not a new phenomenon. “According to a private study, there have been around 2,500 ransomware attacks in India in the last three to four years and only five first information reports have been registered, including two in Punjab and one in Delhi. This time, the magnitude is global and the scale of damage is huge. The hackers have used advanced algorithms, which are too strong to be broken by any forensic laboratory in the world in a limited timeframe. Even if the encryption is try to be broken with brute force, it will take 10-20 years,” said the cyber law expert.
Since 2012, more than 250 types of crypto ransomware have been used by the hackers to encrypt data. “This time, cyber criminals have stepped up the level of attack. They have used advanced encryption algorithms, such as RSA, Triple Data Encryption Standard (3DES) and Advanced Encryption Standard (AES) with a suitably large key in their ransomware. Sophisticated crypto ransomware generate a new individual asymmetric key for each attack and wipe the session key from memory after usage. It is virtually impossible to break the encryption without paying the ransom,” he said.
