Quick Heal Technologies, an IT security solutions provider, has detected more than 48,000 MS-17-010 Shadow Broker exploit hits responsible for the ‘WannaCry ransomware’ outbreak in India. The top five cities impacted by the WannaCry ransomware in India are Kolkata followed by Delhi, Bhubaneshwar, Pune, and Mumbai.
The top five states with maximum detections are West Bengal, Maharashtra, Gujarat, NCR (Delhi), and Odisha. The company received over 700 distress calls regarding the spread of the ransomware.
A dump of MS-17-010 Windows OS vulnerability was made public by the notorious Shadow Broker group on April 14, 2017. This vulnerability affects most desktop and server editions of Microsoft Windows, it said.
Systems which did not apply a patch update for this vulnerability were affected by the WannaCry ransomware, which uses wormlike behaviour to affect vulnerable systems on the network, it said.
Many organisations and networks in over 150 countries were crippled by the recent WannaCry ransomware outbreak.
Among the attempted attacks by the malicious WannaCry ransomware, 60 per cent were targeted at enterprises and 40 per cent at individual customers.
Quick Heal and its enterprise security brand, Seqrite, detected this ransomware activity and cleaned the malicious file responsible for file encryption from all the attacked systems.
“India is getting hit hard by such attacks as India has a large number of Windows users who do not have proper security patches applied and rely on inadequate Internet security. Our observation is that the attack is not focused at any particular industry but is widely-spread across industries, especially in organisations that are online and connected,” said Sanjay Katkar, MD & CTO at Quick Heal.
“In the last few days, we have received distressed calls from customers belonging to verticals such as education, banking, financial, manufacturing, healthcare and even from a few services sectors,” Katkar added.