Indian news agency hit by massive ransomware attack — servers were down for hours but no payment was made
Oct 26, 2020, 17:54 IST
Hackers broke into the servers of news agency Press Trust of India (PTI) over the weekend, crippling its service for hours on Saturday night before they were resumed.
According to a company spokesperson, "The computer servers suffered a massive ransomware attack, disrupting operations and the delivery of news to hundreds of subscribers across India for several hours before they were restored after an all-night effort by engineers".
According to sources, no ransom was paid and the engineers worked through the night to restore the services by Sunday morning.
The ransomware was identified as LockBit that encrypted data and applications, crippling the news delivery to subscribers.
LockBit functions as ransomware-as-a-service (RaaS).
According to cyber security firm Kaspersky, LockBit ransomware is a malicious software designed to block user access to computer systems in exchange for a ransom payment.
LockBit will automatically vet for valuable targets, spread the infection, and encrypt all accessible computer systems on a network.
This ransomware is used for highly targeted attacks against enterprises and other organisations.
LockBit is a new ransomware attack in a long line of extortion cyberattacks.
Formerly known as "ABCD" ransomware, it has since grown into a unique threat within the scope of new extortion tools.
The moniker was in reference to the file extension name used when encrypting a victim's files.
"Notable past targets include organisations in the United States, China, India, Indonesia, Ukraine. Additionally, various countries throughout Europe (France, the UK, Germany) have seen attacks," according to Kaspersky.
SEE ALSO:
Kotak Mahindra Bank still on ‘alert’ as profit improves 27% over the last three months
National Security Advisor lays ‘New India’ doctrine ahead of Pompeo’s visit to India
IndusInd Bank shares rally 4% after promoters refute reports of merger with Kotak Mahindra Bank
Advertisement
According to a company spokesperson, "The computer servers suffered a massive ransomware attack, disrupting operations and the delivery of news to hundreds of subscribers across India for several hours before they were restored after an all-night effort by engineers".
According to sources, no ransom was paid and the engineers worked through the night to restore the services by Sunday morning.
The ransomware was identified as LockBit that encrypted data and applications, crippling the news delivery to subscribers.
LockBit functions as ransomware-as-a-service (RaaS).
Advertisement
LockBit will automatically vet for valuable targets, spread the infection, and encrypt all accessible computer systems on a network.
This ransomware is used for highly targeted attacks against enterprises and other organisations.
LockBit is a new ransomware attack in a long line of extortion cyberattacks.
Formerly known as "ABCD" ransomware, it has since grown into a unique threat within the scope of new extortion tools.
Advertisement
Attacks using LockBit originally began in September 2019, when it was dubbed the ".abcd virus."The moniker was in reference to the file extension name used when encrypting a victim's files.
"Notable past targets include organisations in the United States, China, India, Indonesia, Ukraine. Additionally, various countries throughout Europe (France, the UK, Germany) have seen attacks," according to Kaspersky.
SEE ALSO:
Kotak Mahindra Bank still on ‘alert’ as profit improves 27% over the last three months
National Security Advisor lays ‘New India’ doctrine ahead of Pompeo’s visit to India
IndusInd Bank shares rally 4% after promoters refute reports of merger with Kotak Mahindra Bank