DT
PT
Subscribe To Print Edition About The Tribune Code Of Ethics Download App Advertise with us Classifieds
Add Tribune As Your Trusted Source
search-icon-img
search-icon-img
Advertisement
PREMIUM Explainers Defence Photo Gallery Cricket The Great Game Simply Punjab Simply Haryana UPSC
Home / ScienceTechnology / India saw 53 per cent increase in ransomware attacks in 2022: CERT-In

India saw 53 per cent increase in ransomware attacks in 2022: CERT-In

article_Author
Tribune Web Desk
Updated At : 10:48 PM Apr 14, 2023 IST
  • fb
  • twitter
  • whatsapp
  • whatsapp
featured-img featured-img
Advertisement

IANS

Advertisement

New Delhi, April 14

Advertisement

India saw a 53 per cent increase in ransomware incidents in 2022 (year-over-year) and IT and ITeS was the majorly impacted sector followed by finance and manufacturing, India’s national cyber agency CERT-In has said in its latest report.

Advertisement

Ransomware players targeted critical infrastructure organisations and disrupted critical services in order to pressurise and extract ransom payments in 2022, according to the “India Ransomware Report 2022”.

“Variant wise, Lockbit was a majorly seen variant in the Indian context followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice society, BlueSky etc,” said CERT-In.

Advertisement

Last year, a massive ransomware attack disrupted the systems at the All India Institute of Medical Science (AIIMS), crippling its centralised records and other hospital services.

According to the CERT-In report, at the large enterprise level, Lockbit, Hive and ALPHV/BlackCat, Black Basta variants became major threats, whereas Conti, which was very active in the year 2021, became extinct in the first half of the year 2022.

“Makop and Phobos ransomware families mainly targeted medium and small organisations. At individual level, Djvu/Stop variants continued dominance in attacks over the past few years,” the report said.

Most of the ransomware groups are exploiting known vulnerabilities for which patches are available.

Some of the product wise vulnerabilities being exploited are in tech companies like Microsoft, Citrix, Fortinet, SonicWall, Sophos, Zoho, Palo Alto, etc, said the report.

“Ransomware gangs are commonly using Microsoft Sysinternals utilities such as PsExec for lateral movements,” it added.

On an average, the restoration time is about 10 days for infections in reasonably large infrastructure networks.

“For smaller networks/infrastructure, the restoration time is around 3 days and for individual systems it is 1 day,” the CERT-In report noted.

Ransomware gangs are becoming innovative in their approach to improve attack operational efficiency.

“Ransomware builders are focusing on speed and performance. Instead encrypting the entire file, a portion of the file is getting targeted for encryption to save time. Multithreading is getting leveraged for faster encryption and decryption of files,” the report mentioned.

Advertisement
Advertisement
Advertisement
Advertisement

The Tribune, now published from Chandigarh, started publication on February 2, 1881, in Lahore (now in Pakistan). It was started by Sardar Dyal Singh Majithia, a public-spirited philanthropist, and is run by a trust comprising five eminent persons as trustees.

The Tribune, the largest selling English daily in North India, publishes news and views without any bias or prejudice of any kind. Restraint and moderation, rather than agitational language and partisanship, are the hallmarks of the newspaper. It is an independent newspaper in the real sense of the term.

The Tribune has two sister publications, Punjabi Tribune (in Punjabi) and Dainik Tribune (in Hindi).

Remembering Sardar Dyal Singh Majithia

Copyright © The Tribune Trust, 2024
Designed and developed by : sortd
tlbr_img1 Classifieds tlbr_img2 Videos tlbr_img3 Premium tlbr_img4 E-Paper tlbr_img5 Shorts