Giving in to ransomware threat: Indian firms ignore govt directive, pay up

Ignoring the government's directive and legal consequences, some Indian companies hit by the ransomware virus WannaCry are believed to have gone ahead and paid the ransom to get their systems unlocked, according to a report published by The Economic Times.

"While some companies might consider making payments to obtain the decryption key to unlock their computers that have been locked by the WannaCry virus, one must consider the legal implications of this action,"  Tushar Ajinkya, partner, DSK Legal, a law firm, told ET. 



"In the event it is concluded that the actions of the ransomware WannaCry in demanding payment for the release of the encrypted data tantamount to extortion, then in addition to a FEMA violation, facilitators and recipients of such payment may also attract provisions of the PMLA," Ajinkya said.

The malware demands $300 in bitcoins to release the infected system and its data, causing hundreds of millions of dollars in business damage to corporations and government utilities.

Though India might have escaped the worst of WannaCry, some have paid the ransom to get their systems unlocked. "There would be some companies that may have paid the ransom in haste to retrieve their encrypted data. As of Monday morning, the hackers seem to have globally collected 23 bitcoins, which is around $41,400," said Amit Jaju, executive director, Fraud Investigation & Dispute Services (FIDS), EY India, according to the ET.



India’s Computer Emergency Response Team (CERT-In) had advised to victims of the attack, to not given into the cyber attackers' threats and pay the ransom, Business Standrad had earlier reported.  

In a webcast on Monday, CERT-In advised individuals and organisations on how to protect themselves from the threat and outlined what they should do if the ransomware has made it onto their system. CERT-In had issued a critical warning against the WannaCry ransomware threat on Saturday.



“Do not pay the ransom, that will encourage the attackers to do more of such attacks. Report the incident to CERT-In and the local law enforcement agencies so that we can work on it,” a representative of CERT-In said in the webcast.
 

Many companies are believed to have paid in bitcoins to hackers with the help of third-party service providers, reported ET.

More than 100 countries, including India, were hit by a massive cyber-attack, which, according to experts, was carried out with the help of "cyber weapons" stolen from the US' National Security Agency. The cyber attack was first reported from Sweden, Britain and France, US media outlets reported. Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files, Business Standard had reported last week.