Lax cybersecurity is drawing attacks in Gujarat
According to several reports, Gujarati businesses, particularly those in the manufacturing and pharmaceutical industries, as well as private citizens, have become victims of ransomware attacks. In these types of assaults, threat actors or hackers encrypt a victim’s files on the IT system or hardware and then demand a ransom in exchange for restoring access to the data. Over 90 ransomware attacks have been documented in Gujarat since January 2021; 53 incidents were reported in 2021 and 37 in 2022.
In Gandhinagar, a complainant from Prajapati Vas notified the Gujarat CID (crime) that all of his Microsoft “.doc” files now appear with the “.pcqq” extension and he cannot open them. The attacker demanded a 60,000 rupee ransom from the victim, a 29-year-old engineer.
An architect in Ahmedabad was unable to view the AutoCAD drawings of the structure he had planned since all of his files had the “.voom” extension. The complainant said, “I had not updated Windows Defender and was a victim of the attack.” Meanwhile, in Vadodara, a complainant from Gotri said that “DJVU Trojan” had attacked his machine, encrypted all of his data into “.vvew,” and demanded a $980 ransom to decrypt them.
A well-known cyber security expert warns that “there are new versions of DJVU family of ransomware attacks against pharma and manufacturing sectors.” The expert accuses businesses of failing to notify India’s CERT-In cyber security agency about ransomware assaults: “On April 20, 2022, CERT-In issued a warning to businesses advising them to report ransomware attacks on their websites within the first six hours. Many still choose not to.”
It should be understood that early notification enables CERT-In to deploy its team to limit the attacks on the victim organization, identify the IOCs, and stop the spread of ransomware.
Author: Sayyam Gangwal