The infamous ransomware attack is back. Indian firm caught off guard

The Indian financial conglomerate Indiabulls has allegedly been breached by the CLOP ransomware. The attackers have stolen files and highly sensitive bank-related information. The files include database files related to Indiabulls Pharmaceuticals and subsidiaries of Indiabulls Housing Finance Limited. Tech news does not always bring good feelings to consumers, and this is one such case. The expert says the leaked data was sent as a warning to the firm. The attackers will try to force the organization to accept their terms; only then, they claim, will the files be unlocked.

The modus operandi of the attack

Ransomware works differently from traditional phishing attacks. It infects the target computer or server and restricts the user's access to important files by encrypting them. The attacker then demands a ransom to unlock them. Ransomware spreads through phishing links, which arrive in emails either as links or as attachments. The victim clicks the link or opens the attachment, believing it to be important, and the data is locked within seconds. These phishing emails disguise themselves as official mail from another firm or a similar sender, and it is tough for a normal user to identify a phishing email just by looking at it.

Ransomware is effective. It generally targets the computers or servers of firms that hold a lot of sensitive information. The idea is to put the victims in a state of fear and insecurity so that they are ready to pay the ransom in time. Recent technology news has shown cases where attacks of this kind also came through social media and messaging applications. The latest ransomware combines sophisticated distribution algorithms with cutting-edge development techniques designed to make reverse engineering enormously difficult.

Ransomware attacks throughout the globe

Such attacks have been around for the last few decades, but since 2016 the world has seen the most damaging ransomware attacks. The infamous WannaCry ransomware attack happened in 2017. It spread to millions of computers running the Windows operating system. The attack affected several government offices, private firms, and other financial and academic institutions in several countries. The US and UK were among the most affected.

What should be the course of action once an attack has been identified? The experts say that paying the ransom does not guarantee the release of the locked files, nor does it ensure that the victim will not be attacked again. It is important to keep offline backups of confidential and important files to deal with such an attack. The attackers are also professional hackers. They take the ransom in cryptocurrencies, so they cannot simply be traced through financial transactions. From the technology point of view, it is up to operating system developers to update their antimalware features frequently. User awareness is also important, so that users can distinguish between a legitimate message and a phishing one.

Response actions to be taken

As of now, Indiabulls has shared no word on the ransom amount. It has also not been clarified how the CLOP ransomware was able to breach the firm's server. Security and IT experts have alerted all financial firms to the comeback of such attacks. Any further development will be reported through the proper channel.