Madhya Pradesh Power Management Company (MPPMC) which oversees the management of electricity in the state has been hit by ransomware attack.
The state-run entity said on Sunday that it has approached police after a ransomware attack on May 22 that crippled its internal information technology system used for communication among its different functionaries.
A press note issued by MPPMC quoted chief general manager (IT) Reeta Kshetrapal as saying that a “ransomware attack was detected in the company’s internal IT system on May 22”. MPPMC is scanning the servers as per the guidelines of the government and trying to restore them with precaution, Kshetrapal added.
The internal IT system, also known as IABS system, has been set with help from L&T InfoTech and is used for internal communication with different functionaries, the release said.
“The restoration work of the IABS internal IT system is being carried out by the engineers of L&T InfoTech under the guidelines of the Union government’s nodal agency Indian Computer Emergency Response Team (CERT-In) that deals with cyber threats,” she said.
Subsequently Madhya Pradesh State Electronics Development Corporation (MPSEDC) and CERT-In have been informed about the cyber-attack, the release added.
Nearly three-fourth (73%) of Indian organisations were hit by ransomware last year, up from 57% in 2021, according to cybersecurity firm Sophos’ annual “State of Ransomware” report, released on Wednesday. In comparison, 66% of global companies said that their organisation had experienced a ransomware attack in the last twelve months. The report found that exploited vulnerabilities (35%) and compromised credentials (33%) were the most common causes of attacks.
Last month, CERT-In also warned that ransomware attacks in India have increased by 53% in 2022.
To be sure, critical infrastructure providers especially healthcare, oil, power and defence-related firms are increasingly being targeted in recent years. For instance, in November 2022, top public hospital AIIMS Delhi was targeted by a ransomware attack that disrupted most of its online services for over two weeks. In January, a Nagpur-based Solar Industries Limited (SIL), which makes industrial and defence explosives and counts Indian Army among its customers, was reportedly targeted by a ransomware attack.
In terms of ransom paid, 66% of organisations said that they paid less than $100,000, while 29% paid between $100,000 and $499,999, the Sophos study said, adding that Indian organisations incurred an average bill of $1.03 million after a ransomware attack. However, it noted, even if the amount of ransom paid by organisations is not significant, they end up losing a significant amount of revenue due to business downtime, manpower costs, network costs, and loss of customers.
"Paying ransoms not only enriches criminals, but it also slows incident response and adds cost to an already devastatingly expensive situation,” said Chester Wisniewski, field CTO at Sophos.
On the MPPMC incident, a source familiar with the incident told PTI that those behind the ransomware attack had not sought money as yet but had provided email IDs to contact them.
Meanwhile, the state cyber cell's Jabalpur Superintendent of Police Lokesh Sinha told PTI that an investigation has begun on the complaint received from MPPMC on the ransomware attack on its IT system.