Ransomware Attack on PTI Servers

Why in NEWS ?

• The Press Trust of India’s computer servers suffered a massive ransomware attack, disrupting operations and the delivery of news to hundreds of subscribers across India.

ABOUT

• The attack by the ransomware, which identified itself as Lock Bit, infecting almost all the servers of India’s premier news agency. The virus encrypted all data and applications, forcing the stoppage of news delivery to PTI subscribers. The ransomware, through a computer screen message, demanded ransom to provide a key to decrypt it.
• Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website.

SYSTEM-BASED ATTACKS

• Virus
• Worm
• Trojan horse
• Backdoors
• Bots

INDIAN RESPONSE SYSTEM

• The Indian Computer Emergency Response Team (CERT-In) is an office within the Ministry of Electronics and Information Technology of the Government of India. It is the nodal agency to deal with cyber security threats like hacking and phishing.CERT-In is operational since January 2004.
• CERT-In has been designated to serve as the national agency to perform the following functions in the area of cyber security:

• Collection, analysis and dissemination of information on cyber incidents.
• Forecast and alerts of cyber security incidents
• Emergency measures for handling cyber security incidents
• Coordination of cyber incident response activities.
• Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
• Such other functions relating to cyber security as may be prescribed.

CONCLUSION

• Even though the IT Act penalized cyber-crimes with a broad brush through sections 43, 66 and 67, it was only in 2008 that the IT Act was amended and provisions were made for specific cyber- crimes such as sending offensive messages through communication servers, dishonestly receiving a stolen computer resource or communication device, identity theft, violation of privacy, cyber terrorism etc. through sections 66A to 66F and sections 67A to 67C. These amendments stick out like an unwieldy appendage.
• Therefore, it is submitted that all cyber offences in the IT Act ought to be repealed and the IPC be suitably modified (to cover all of the cyber-crimes, including those currently covered under the IT Act) at the earliest possible convenience of the legislature.