Akira Ransomware is new in line which prompted GoI to issue serious warnings to ensure cyber security. Learn about Akira, Ransomwares and Govt. initiatives in this blog post for UPSC Mains GS3: Cyber Security

How does ransomware infect devices?

Spread via:

- phishing email campaigns with malicious attachments containing archived content files (zip/rar)
- Drive-by-download cyber attack that downloads malicious code
- Insecure remote desktop connections

Akira Ransomware

- Designed in a manner that it encrypts data, creates note for ransomware and deletes copies on impacted devices
- The files are left with the extension .akira (and hence the name)
- Uses VPN to have users download malicious files

CERT advise to protect against ransomware (to be quoted in Mains answers directly)

- Practice basic internet hygiene, protection measures and relevant protocols to ensure security against ransomware
- Update all operating systems and networks regularly with virtual patching for legacy systems and networks
- Companies shall establish domain-based message authentication, reporting, and conformance, Domain Keys Identified Mail (DKIM) and sender policy for organizational email validation preventing spam by detecting spoofing
- Strong password policies and Multi-factor authentication must be enforced
- Periodic security audits of critical networks
- Strict external device usage policy

Government initiatives wrt cyber security

• National Cyber security Coordination Centre (NCCC)

  • 2017 developed to detect real time cyber threats with a mandate to

    • scan internet traffic

    • communicate metadata

• Computer Emergency Response Team (CERT-In)

  • MeitY organization to secure India’s cyberspace

  • Offers incident prevention and response services

  • Nodal agency to deal with hacking/phishing

  • Issues alerts on cybersecurity incidents

• Indian Cyber Crime Coordination Centre (I4C)

  • Set up in 2018 to deal with all sorts of cyber crime in a comprehensive manner

  • HQ: New Delhi, got 7 components

• Cyber Swachhta Kendra

  • Made in 2017, platform was launched to help users clean their computers and wiping out viruses and malwares

• Cyber Surakshit Bharat

  • 2018 launched to spread awareness on cybercrime

  • Aims to build capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

• Cyber Insurance Policy

Hi, at @CSEWhy I invite you to support me! You can do that in three simple ways:

1. Become a blog contributor and have your write ups featured on my blog. Write me an email if you’d want to be a contributor at whycse@gmail.com

2. Share the link to this post on your WhatsApp story

3. -OR-  Contribute a small amount (Pay What You Want) by clicking here (I send a valuable gift to everyone who makes a contribution)

To find links to my Twitter, Telegram, YouTube and Podcast Click here