WannaCry did hit India and even central govt portal. So why did Centre downplay the ransomware attack?
Though the central government had earlier claimed that global ransomware WannaCry didn't have a serious impact in the country, but its official documents reveal that its corporate affairs ministry's key portal for making filings by companies - MCA21 - had come under cyber attack last month.
Without disclosing the magnitude of attack, the documents mentioned that the malware affected certain services.
The attack was presumably the first on a central government portal and prompt measures were taken to contain it. Last month, WannaCry impacted computer systems and networks in more than 150 countries, including India.
Cyber security experts said it affected at least 48,000 systems across various organisations in India, but not many came forward raising doubts whether possible ransomware attacks were being properly reported.
WHY DID THE CENTRE LIE?
Mail Today had earlier reported how corporates are downplaying the incidents and refraining from reporting to the central agency. According to experts, many corporates, institutions and individuals have been hit by the ransomware. But only government offices had come forward and no business enterprises have admitted to the cyber breach.
In May 2017, the MCA21 system was subjected to WannaCry ransomware attack. The attack was in the nature of a 'zero day attack' and was first noticed on May 7, the document said. Zero day attack refers to hackers exploiting a flaw in a software system that is not known to the vendor itself.
MCA21 is managed by IT major Infosys, provides for making electronic filings related to compliances under the Companies Act and Limited Liability Partnership Act, 2008. During the peak of WannaCry's outbreak, a series of attacks were reported in Odisha, Kolkata, Andhra Pradesh, Gujarat and Kerala, apart from other parts of the country. As per the document, the system servers were reformatted and systems redeployed. Prompt measures helped all services being restored without any loss by May 12, it said.
While some documents related to front and back office services were affected, technical teams informed CERT-In immediately. CERT-In is the government's cyber security arm.