Of the more than 48,000 attempts of WannaCry ransomware detected in India, majority of them came in from Kolkata, followed by cities such as Delhi, Bhubaneswar, Pune and Mumbai, according to IT security firm Quick Heal Technologies.
The top five States with maximum detections were West Bengal, Maharashtra, Gujarat, NCR (Delhi) and Odisha, and of the total attacks 60 per cent were targeted towards enterprises and 40 per cent individual customers.
“These were detected across our user base, and these 48,000 did not have an impact as we already had patches installed. India is getting hit hard by such attacks as the country has a large number of Windows users who do not have proper security patches and rely on inadequate internet security,” said Sanjay Katkar, MD and CTO at Quick Heal Technologies, told BusinessLine .
WannaCry is a highly-prolific ransomware campaign that has crippled many organisations and networks across 150 countries since May 12. WannaCry is self-propagating (worm-like) ransomware that spreads through internal networks and over the public internet by exploiting a vulnerability in Microsoft Server Message Block (SMB) protocol.
On Monday, Quick Heal told BusinessLine it had detected more than 48,000 MS-17-010 Shadow Broker exploit hits that were responsible for WannaCry ransomware outbreak in India.
A dump of MS-17-010 Windows OS vulnerability was made public by the notorious Shadow Broker group on April 14, 2017. This vulnerability affects most desktop and server editions of Microsoft Windows.
“We received more than 700 distressed calls – from industrial verticals such as education, banking, financial, manufacturing, healthcare and services sectors - regarding the spread of this ransomware,” he added.