#GS-03 Cyber Security
What is Ransomware:
- Ransomware is malware that employs encryption to hold a victim’s information at ransom.
- It is used to encrypt important documents or files within a system (Crypto ransomware) or simply lock the original user out of the system (Locker ransomware).
- Unlike other cyber-attacks, in this form of attack, the user is notified of the attack.
- The first ever recorded use of ransomware occurred as early as 1989 in the form of the AIDS Trojan.
- However, this method gained prominence after the unleashing of the WannaCry Ransomware in 2017.
- Ransomware-as-a-service is a cybercrime economic model that allows malware developers to earn money for their creations without the need to distribute their threats.
- Non-technical criminals buy their wares and launch the infections, while paying the developers a percentage of their take.
- The developers run relatively few risks, and their customers do most of the work.
The Threat of Ransomware:
- Typically, cutting-edge malware like ransomware are polymorphic by design, which allows cybercriminals to easily bypass traditional signature-based security based on file hash.
- Use of anonymous cryptocurrency for payment, such as bitcoin, makes it difficult to follow the money trail and track down criminals.
Measures taken by the government:
- Indian Computer Emergency Response Team (CERT-In) is an organisation of the Ministry of Electronics and Information Technology with the objective of securing Indian cyberspace.
- It is the nodal agency which deals with cybersecurity threats like hacking and phishing.
- The “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Centre) is being operated by Indian Computer Emergency Response Team (CERT-In) for analyzing BOTs/malware characteristics and providing information and enabling citizens for removal of BOTs/malware.
- The National Cyber Security Coordinator, under the National Security Council Secretariat, coordinates with different agencies at the national level on cybersecurity issues.
- National Critical Information Infrastructure Protection Centre has been set up for the protection of national critical information infrastructure.