Kerala Police Cyberdome authorities, however, say risk is yet to abate fully

The ransomware threat that locked out individual users and crucial services in the West and Southeast Asia from their computers last weekend appeared to have largely bypassed Kerala’s critical information infrastructure.

However, revenue staff in far-flung village offices in Wayanad, Pathanamthitta, Kollam and Thrissur told the police on Monday that they opened their Internet-linked workstations after weekend to find them virus-infected. The grama panchayat offices of Aruvappulam in Konni and Enadimangalam in Adoor in Pathanamthitta district and Thariode in Wayanad were among the target of the attack.

Inspector General of Police Manoj Abraham, Nodal Officer, Kerala Police Cyberdome, the State law enforcement’s cybercrime research unit, told The Hindu that risk was yet to abate fully.

The fallout of the attack in Kerala was so far minuscule compared to the havoc it had wreaked elsewhere, he said.

Educational institutions opening after summer vacation and students are in potential peril if they do not initiate steps to circumvent the hazard.

Cyberdome, which highlighted the threat at the governmental level in March, is monitoring the social media for reports of ransomware attacks.

The computer shutdowns reported so far in Kerala are the residual of the crippling first wave that unfolded across continents on Saturday, hobbling thousands of high-priority computer networks.

The aftershocks of the attack appeared to be abating the world over as software vulnerabilities that helped the malware metastasise through networks were expressly patched.

Anil Kumar, Circle Inspector, Cyberdome, said the “Wannacry” version of the ransomware that hit computers across the world could “mutate” and new and more lethal versions might be around the corner.

Hence, Cyberdome has initiated a special research unit to study, anticipate and develop tools to blunt such pulverising assaults.

Cyberdome has an inventory of 25 tools at its disposal to tackle ransomware family of viruses. It is developing many more.

A top Kerala police officer, who was in touch with his counterparts in New Delhi, said the “emerging view” among law enforcements was the attack was aimed more at discrediting a popular operating system than reaping profit by extorting ransom from targets. In the past, ransomware attacks were targeted against high-profit businesses or individuals.

The ransom was paid as bit coin and the issue settled secretively. The span of the current attack indicated, prima facie, the criminal motive was more linked to the corporate battle over the share of the global software market.