After A spate of cyber attacks which affected systems in many countries including India, the Maharashtra Cyber Cell plans to approach Interpol
to find out how its overseas counterparts are investigating such cases. The Maharashtra Police has registered three FIRs in cyber attack cases over the past few months. The attacks began in May, when over two lakh computer systems across 150 countries were impacted by the ransomware WannaCry. In June, another global malware attack — Petya — even affected systems in India. A terminal at Jawaharlal Nehru Port Trust (JNPT) was hit because of the attack at global container ship and supply vessel operator Maersk’s office in The Hague in Netherlands, impacting operations at the largest container port in India.
A case of extortion was registered by JNPT with the Navi Mumbai Police. The FIR states that JNPT has been asked to pay a ransom of $300 in Bitcoin. “So far, we have registered FIRs in three major cyber-related offences. While the first two pertain to ransomware, the third was in connection with the Reliance Jio data leak. We have already arrested a person in the Jio case. The accused had breached the system to create an application like True Caller to impress his peers,” said an official of the Maharashtra Cyber Cell.
The Cyber Cell has now requested government institutes and private houses to come forward and register FIRs so that the crime can be probed thoroughly. It hopes to accomplish two purposes by this: the wheels of criminal investigation would be set in motion and the investigation reports and chargesheets would serve as reference material in case of future attacks.
“The ransomware attacks made us realise the need of registering criminal cases, even if the accused is a foreigner or if the attacks have been executed from foreign soil. A criminal complaint would press the agencies into action and the attacks in India could be probed at length,” said an officer from the Maharashtra Cyber Cell who spoke on condition of anonymity.
“With cyber attack complaints increasing by the day, there is an immediate need to probe such cases so that the investigations serve as reference material for investigating future attacks and set guidelines and standard operating systems. We have asked various stakeholders to come forward and lodge complaints with us,” said the official.
“We have learnt that authorities in Russia have made some progress in the WannaCry ransomware case. We plan to write to Interpol to help us get the investigation details of the case. The information would facilitate the probe in India,” said the official.
Earlier this month, the database of Jio customers was breached and the user data posted online. Imran Chippa (25), a resident of Rajasthan who holds a Master’s degree in Computer Application, was arrested in connection with the case. The police have recovered 50 SIM cards and books about hacking from Chippa.
The Maharashtra Cyber Cell has now issued an advisory asking organisations to adopt secure software for their work. The advisory has been sent to stakeholders in the health and defence establishments, banking, the state secretariat and other critical establishment, government organisations and even private companies. “We have asked organisations to follow a list of do’s and don’ts. This includes the use of reliable software, cyber security products and applications and investment in credible antivirus systems, to name a few,” said Balsingh Rajput, Superintendent of Police, Maharashtra Cyber Cell.
“The advisory has also been published in newspapers so that every one can benefit and follow these practices to secure their systems and phones, which are also vulnerable to various kind of attacks,” said Rajput.
According to data released by the Indian Computer Emergency Response Team (CERT-In), the nodal agency that deals with cyber security threats — 27,482 cases of cyber crime were reported from January to June this year. This is higher than in 2016, when a cyber crime was reported every 12 minutes, as compared to every 10 minutes this year.