A Balakrishnan, Managing Director at Geojit Technologies, got a call from his IT department on Friday evening just as he was finishing work. “My head of IT said that they heard about (WannaCry) ransomware,” he said.
After the call, things began to move in a frenetic pace. Geojit has an Information Security Operations Centre (SOC) in Bandra Kurla Complex . From then on the IT team started to monitor information logs continuously and the team worked over the weekend to ensure that there was no way that this virus could infiltrate their IT systems, which trades in crores of rupees every day. “It is extremely important to keep the security devices updated with latest signatures and patches,” said Balakrishnan, adding that the team is still on high alert mode. Like Balakrishnan, several hundreds of IT security professionals spent sleepless nights over the last tow days to ensure that their company’s IT systems do not get compromised by the ransomware that has wreaked havoc globally.
So far, the virus has created a panic situation on the ground and several have been hit. “The attack came during the weekend and we are waiting for reports to come from today as companies resume operations, said Ravdeep Sodhi, an independent cyber security advisor.
While it is difficult to quantify the losses, as the threats are still active, industry watchers say that it has affected manufacturing and healthcare sectors till now. “These two sectors are using IT systems which are susceptible to this virus,” said Burgess Cooper, Partner, Information & Cyber Security Ernst & Young. In the healthcare sector, as more hospitals digitise their systems, security would need to be looked into more seriously.
Dharminder Nagar, Managing Director of Paras Healthcare, said: “We are highly underprepared to meet such attacks, with data of millions of people under threat and cannot prepare to move to a paperless, cashless society until our e-systems are secure.”
In some cases, even security software were finding it challenging to contain the virus. “Our users were protected from the initial email by our security products but the nature of this attack is that one email missed or accidentally released from quarantine can leave an organisation vulnerable to having its systems encrypted,” said Surendra Singh, Country Director, Forcepoint.