Malware attacks: Govt rushes cyber security advisor to Mumbai

Terming the situation as "extremely serious," a senior official from the Maharashtra government's cyber cell said it is an impact on the country's external trade when systems dealing with the cargo and ships at the largest port get affected.

It is because of these concerns that Rai has rushed to Mumbai, sources said adding he is expected to reach Mumbai this evening. When asked about the impact of the malware attack, Brijesh Singh, Maharashtra state cyber cell chief, said, "The state government's departments such as Customs, Excise etc are not affected in this attack. The computers used in these departments are safe and functioning. The computers used by various companies and Maersk's system, which handles the movement of ships is affected."

"The state government has also asked for cyber support from Indian Computer Emergency Response Team (CERT-in), the national team for cyber security. The additional manpower will be helpful to find solution," Singh said.

"We are trying to shift some work to manual as we need to streamline the ships and their scheduled arrival, stay and departure," he said.

Operations at the JNPT were impacted last night as a fallout of the global ransomware attack, which crippled some central banks and many large corporations in Europe.

AP Moller-Maersk, one of the affected entities globally, operates the Gateway Terminals India (GTI) at JNPT, which has a capacity to handle 1.8 million standard container units. The current attacks come weeks after the Wannacry ransomware attack, which affected systems of many companies.

Top IT security firms have warned that the latest 'Petya' malware could be particularly potent as it uses "multiple techniques" to automatically spread in a network soon after the first system is infected.

The attack, which comes within weeks of a similar cyber attack called WannaCry, has been spreading through Europe, and seems to be making its way into India.

Security solutions company Sophos said the latest version of malware is particularly "virulent" because it uses multiple techniques to spread automatically within a company s network once the first computer is infected.

Matt Moynahan, CEO of Forcepoint said the latest attacks demonstrate the vulnerability of critical infrastructure.

From the government to the boardroom, leaders need to make cyber resiliency a requirement, putting focus and funding behind it, he noted.

Once infected by the ransomware, the systems are locked and a demand of $300 in Bitcoins is made to recover the files. However, it is not clear whether the systems are decrypted after the payment is made.

Security firm Kaspersky cited its data to say that about 2,000 systems were impacted as of Tuesday, with organisations in Russia and Ukraine being hit, the hardest. Systems in Britain, France, Germany, Italy, Poland and the US were also impacted.

India's largest container port JNPT on Wednesday asked operator AP Moller-Maersk to divert traffic of its terminal hit by the ransomware attack to other two units after operations slowed.

"There is a slowdown in operations at the GTI Terminal and we have to reduce the impact on the exim trade. So, we have asked them to divert traffic to the other two terminals," a senior port official told PTI.

The impacted terminal handles 4,500 containers per day on both the export and import front, the official said, adding that the other two terminals operated by DP World and one by state-owned JNPT itself have the capacity to handle the extra volumes.