Delhi firm reports WannaCry-like ransomware attack

17 Aug 2017

The WannaCry ransomware, which in May had disabled computers across the globe, may be making a comeback. Along with LG's systems being hit by ransomware this week, India's capital Delhi has also seen an attack, with employees of Rachna Sagar Private Limited ''locked'' out of more than 200 computers.

The cyberattack was reported on 9 August when staff at the publishing company found that they could not log into their user accounts, and could only use the ''demo'' account, The Indian Express reports.

Last year, a ransomware attack was used to target the Mumbai police system, and several files were encrypted by hackers.

The IT staff at the publishing company found that they were facing a ransomware attack. The hackers had posted a message demanding a ransom of between $800 and $1,000 US in bitcoin. While diagnostic work at the publishing company is underway, the encrypted data has not been recovered.

Deputy Commissioner of Police (Central) M S Randhawa confirmed the cyberattack and said a complaint has been registered at Daryaganj police station. The complaint was filed by the general manager at the company.

''This morning, when we started our work and opened Busy software, we received a text message which said our files are encrypted. The message said we have to pay money to enable decryption of our files (sic),'' the complaint read.

The publishing company uses the accounting software called Busy for its work. Employees have two accounts that they log into for accounting transactions - live and demo mode. Users have to gain access to the live mode to conduct business, which they have been locked out of. Police said it is difficult to track the hackers as they hacked into the computer systems using a proxy network.

''The hackers have locked out their data since April. Employees have not been able to conduct any business since the day of the cyberattack. Their billing process has been delayed and they are even scared to use ne tbanking as they fear online payment systems may be compromised,'' a source privy to the investigation told The Indian Express.

In May, WannaCry has infected more than 300,000 computers in 150 nations, starting with the UK's National Health Service. It threatened to lock out victims unless they pay a certain sum within one week of infection, usually in the virtual currency bitcoin (See: Don't reboot: group of experts finds WannaCry fix).