Unfortunately, India is among the top 5 ransomware threatened countries

India is among the top five countries in the world to be attacked by ransomware malware that forces its victims to pay a ransom through certain online payment methods in order to grant access to their systems, or to get their data back, says an executive from Russia-based software security group Ransomware attacks are high in India and it is one the top five countries that has most infections,” Vitaly Kamluk, Head of APAC Global Research and Analysis Team, Kaspersky Lab, told IANS.

According to statistics presented by Kamluk during a round table discussion on “Security Threat landscape”, India takes the first spot in the list of countries that were attacked by Teslacrypt ransomware in March-May 2016 and ranked fourth in the countries that was attacked by Locky ransomware during the same period. In India, while 11,674 users were attacked by TeslaCrypt ransomware during March-May 2016, 564 users were attacked by Locky ransomware during the same period.

Ransomware is a type of malware that prevents or limits users from accessing their system. Locky is a Windows ransomware infection that was released in the middle of February 2016. This ransomware infection affects all versions of Windows. TeslaCrypt ransomware is now defunct. Its master key was released by the developers and a free decryption tool is now available on the internet.

While explaining the data received by Kaspersky Labs, Kamluk said Karnataka (36.58 per cent) was the most affected state with ransomware with Tamil Nadu (16.72 per cent) taking the next spot. Next came Maharashtra (10.86 percent), followed by Delhi (10.00 percent), West Bengal (6.70 percent), Uttar Pradesh (5.33 percent), Telangana (4.54 percent), Kerala (3.87 percent), Gujarat (2.35 percent) and Haryana (1.96 percent) at the last spot.

While talking about the global trends, Kamluk said there are majorly five types of ransomware that are making the rounds on the internet today encryption ransomware, master boot record (MBR) ransomware, screen locker, ransomware encrypting web servers and mobile device ransomware, which is majorly affecting Android devices.

Kamluk noted that Internet users who are not aware are the entities most prone to ransomware attacks. “Popular propagation methods of the infection include infected websites, malvertising (malicious advertising), transfer of affected file via e-mail – such as documents or multimedia files or instant message and social networks,” he noted.

On being asked, will there be a decline in antivirus software usage after the launch of hardware security modules such as “crypto-level security in hardware” in microprocessors, Kemluk said, “Antivirus software is kind of a personal advisor. Unless you have a very technical friend to reverse engineer the threat, you will need these softwares to do that work for you. Antivirus softwares are going to stay because developers will be developing new softwares over time.”

Kaspersky is now rolling out 360-degree security solutions for enterprises, Altaf Halde, Managing Director (South Asia) Kaspersky Lab, India said.