Ransomware attack: how much you know about it?

Overview: As you are aware, our AIIMS hospital in Delhi suffered a lot in one of the biggest cyber attacks in India recently, preliminary investigation revealed it was a ransomware attack by Chinese-based hackers. Ransomware attacks are on the rise, according to a source, 70% of Indian organizations have been attacked by this ransomware software virus in the last three years, and its impact and ransom amount is increasing day by day. According to another report, in the last year 2022 alone 3,990 Indian organizations have been targeted by ransomware attacks and more than 150 million dollars have been paid for decryption keys as ransom.

How a Ransomware Attack Happens :-

Ransomware is a type of malicious software program or app (malware) that after infecting your computer or smartphone, encrypts all files on that computer or smartphone or locks your computer or smartphone. After that you have to pay those hackers ransom money (which can be from few thousand to few crore rupees and in cryptocurrency digital money like Bitcoin) to those hackers to view the files or log in, which is a kind of blackmail or extortion. If you pay they will give you a decryption key with which you can view your files again.

To protect your organization and private information from Ransomware attacks : –

• Take a systematic backup of all your important and necessary correspondence files regularly.
• Do not open any unknown hyperlink or email.
• Use good anti-virus software and regularly update anti-virus and all the software installed including operating system.
• Prepare your organization’s rules and guidelines on software installation, incident response and backup and then educate them to all employees.
• Use any external USB drives only after running them against an antivirus test.
• Prevent the installation of any unnecessary, unapproved or free software on your employees’ computers.

If you or your organization is under a ransomware attack :–

Paying as per cybercriminal instructions for a decryption key is an easy way out, but it’s not a right way because savvy thieves may retarget you or not provide decryption key even after receiving payment. CERTIN organization in India maintains database of ransomware virus, you can complain to them and get their help to remove ransomware. You can try for a solution on many websites like www.nomoreransom.org. If nothing else works, then format your computer or factory reset your smartphone and restore all your files from your latest backup, you will only lose what content or files which was not backed up.

Legal Remedies for a Ransomware Attack victim in India :-

• Prima Facie it is an infringement of our Fundamental Right to Privacy covered under Article 21- Right to Life of Constitution of India. Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 provides protection to personal information. Prior to these Rules, in India remedies for invasions of privacy existed under tort law and the Supreme Court of India accorded limited constitutional recognition to the right to privacy (under Article 21). These Rules provide the only codified provisions protecting the privacy of individuals and their personal information. 
• These malware attacks are a clear case of Extortion, which is covered under Section 383 and  Section 405(data treated as a ‘Property’) and the Punishments are covered under Section 406-409 of Indian Penal Code, 1860.
• It is also punishable with imprisonment for a term which may extend to three years and with fine under Section 66A of IT Act through 2008 amendment.