India is reportedly hit hard by the latest malware called Petya which has caused panic across the globe by locking thousands of computers. Global cyber security firm Symantec said on Thursday that India is the worst-hit country in the Asia-Pacific and Japan (APJ) region and the seventh most affected nation in the world.
Petya malware attack started in Ukraine and Russia on Tuesday, June 27 before spreading to other countries. It is a family of encrypting ransomware that was first discovered in 2016 and it targets Microsoft Windows-based systems. Unlike typical ransomware, it not only encrypts files but also overwrites and encrypts the master boot record (MBR)before demanding a ransom in bitcoins to recover the files. It comes not long after WannaCry ransomware and Adylkuzz malware affected thousands of computers across the world.
Also read: Petya 2017 is a cyber weapon in disguise of ransomware: What's the difference?
"The Petya ransomware attack was clearly inspired by the WannaCry attack, which received so much attention last month. The motives behind WannaCry are still unclear, however, it was not an effective approach to making money for its authors," Gavin O'Gorman, an investigator in Symantec Security Response, said in a post on Thursday.
"It also attempts to connect to any computers that the infected computer has recently interacted with. However, unlike WannaCry, it does not attempt to connect to random IP addresses across the internet," O'Gorman added.
The Shipping Ministry of India confirmed on Wednesday that Mumbai's Jawaharlal Nehru Port Trust (JNPT), the country's largest container port, and one of the private terminal operator have been hit by Petya malware.
"An unforeseen situation has developed at the JNPT owing to disruption in the operations of one of the private terminal operator, APM Maersk," the Ministry said in a statement. "It has been informed by the private terminal operator that this disruption is a consequence of a worldwide disruption being faced by them because of a cyber attack."
It went on to say that steps have been taken up to ensure that trade, transporters and public are not disturbed by the malware attack.
However, Information Technology Minister Ravi Shankar Prasad has said that India has largely remained insulated from the malware attack and steps have been taken up to control its proliferation.
"We have been taking proactive steps... we have sent out advisories (on the cyber attack and the malware)... India is not much affected at this stage," Prasad said at the inauguration of the two-day National Convention on "Digitalization: Opportunities and Challenges" according to IANS.