Ransomware Hits Polycab, Motilal Oswal, and Bira91 as Cybercrimes Came up in India Amidst the Pandemic.

India turns out to be one of the countries in the world that most often become the victims of online data breaches, and ransomware ranked the fastest growing among cyber-crimes. Several big names in the global cybersecurity industry have released reports that show that ransomware and malware activity has increased on a massive scale across the country and the organizations in it.
Though associated with increased risk, studies have shown that very few Indian companies have formal documentation for a ransomware response strategy in place. Most disturbingly, some of the companies targeted by ransomware attacks make ransom payment to the attackers so as to recover their systems and information.

Polcab India was unfortunate to get hit by LockBit.

March 17th was a challenging day for Polycab India, the country’s largest manufacturer of wires and cables, as it found itself in the trajectory of LockBit, which is the most prevalent ransomware now operating around the world. Lately a company called Polycab had an unwanted intrusion that did not affect its core IT infrastructure nor disrupt business processes.
The organization informed the stock exchange that the company’s technical staff is working with the third-party cybersecurity experts to conduct a full investigation to the incident. Polycab did not reveal whether or not it had dealt with the criminals by providing ransom amount demanded by them.

Motilal Oswal Targeted Next

Very soon after that, MOTILAL OSWAL (MOSL), a major Indian brokerage company associated with 6 million customers, became the next victim of the LockBit gang. The hackers set up a dark web page that lists MOSL name together with the timer which indicates the final deadline in which company needs to pay an undisclosed ransom amount to avoid their data disclosure to the public.
The LockBit malware has a high-profile history including attacks on such organizations as Taiwanese chip manufacturer TSMC, electronics giant and manufacturing corporation Foxconn, and also Accenture, a global consulting agency. Already this year, it’s been reported that APT has hacked Indian pharmaceutical company Granules India as well as government-operated National Aerospace Laboratories.

Bira91 Beer Brand the Company's Latest Campaign.

Indian company Bira91, a craft brewer, became another corporate victim for the LockBit malware on March 22nd. The ransomware criminals claim owning 2 terabytes of the company’s most valuable data and tease to disclose it to the public namely

  • Financial records
  • Human resources information
  • Secret beer recipes and other trade secrets
  • Databases with Indian and international partner data
  • Customer and vendor information
  • SQL databases
  • And more

“The announcement that had just been released by BianLian appeared on the Data Leak Site (DLS),” Krishnan clarified, adding that this is the domain where ransomware gangs often post evidence of their attacks to pressure victims into paying.

Ransomware Threat Continues to Loom Large

These most recent cases reflect the continued popularity of ransomware that the businesses in India as well as globally are experiencing. By 2023, according to Cybersecurity Ventures, organizations will receive ransomware attacks every 11 seconds, and the damages may climb to $30 billion worldwide.

In simple words, ransomware is a type of malware that encrypts files of the victim and prevents them from being accessible until the ransom is paid by the victims to obtain the encrypting key. Recently, ransomware groups have been using “double extortion” tactic apart from encryption, in which the criminals remove the sensitive data from the victim, and they then threaten to leak or sell the information if the demands are not met.

Protecting Against Ransomware

  1. Therefore, companies need to know what they can do to protect themselves from ransomware threats namely

    • In order to keep all systems and software updated with the latest security patches
    • Rolling out rigorous access controls and multi-factor authentication should be done.
    • Data restoration should be done regularly and the recovery processes need to be tested.
    • Offering security awareness training course for employees
    • Implementing cutting-edge anti-malware and intrusion detection technologies.
    • Formulating and preparing the formal incident response plan.
    • Acquiring cyber insurance to limit the losses.

    “The securing against [ransomware] may involve a lot of different technologies, applications, and even vendors.” So says Krishnan. “Therefore, it is a complicated task.”

Government Action Needed

Not only are there many things that some institutions can do, there are also people who are demanding that the government should provide more efforts to fight against this ransomware plague. Suggestions involve create such strong sanctions that cybercriminals get afraid, compulsory reporting of ransom payments and cooperation among the nations to block ransomware operations.

The recent Polycab, Motilal Oswal and Bira91 cyber attacks are proofs of how the cyber security landscape for businesses across India and beyond is increasingly becoming worrisome. As the number of ransomware incidents keeps on increasing, companies – irrespective of their size- must endeavor to tighten their security or run the risk of crippling financial and reputational damages. However, at the same time, the coordinate actions of law enforcement and policy makers throughout the world will equally be required to make a dent in the vehicles of the cyber criminals who masterminded this global area of concern.

This piece is based on the Forbes India reporting about this. Read the original article here: https://www.forbesindia.com/article/news/polycab-motilal-oswal-bira91-among-latest-companies-to-be-hit-by-ransomware-attacks/92331/1

Related articles

Contact us

Cooperate with us to get comprehensive IT security

We will be happy to answer all your questions and help you find the services that best suit your needs.

My advantages:

What happens next?

1

We’ll arrange a call when it’s convenient for you

2

We conduct a discovery and advisory survey

3

We are preparing a proposal

Book a free consultation

Contact EN
First
Last