In a recent incident that underscores the growing threat of cybercrime, a private firm in Bengaluru, BSR Infratech India Ltd., was targeted by ransomware attackers. The cybercriminals demanded a hefty ransom of $80,000 (approximately INR 66.7 lakh) to decrypt the company’s data, threatening to sell the stolen information on the dark web if their demands were not met.
The Growing Menace of Ransomware
Ransomware attacks have become a global menace, increasingly profitable for cybercriminals. These attacks typically involve hackers encrypting an organization’s data and leaving a message on the compromised computer systems, instructing the victims to pay a ransom for the decryption key. Once the ransom is paid, the attackers promise to provide the means to decrypt the data.
Details of the Attack on BSR Infratech
The ransomware attack on BSR Infratech, a construction firm based in Yelahanka, Bengaluru, occurred in late February. However, the incident only came to light on March 28th, following the filing of a police complaint by the company. An employee of BSR Infratech explained that the delay in reporting the attack was due to the time taken to verify the details before approaching the authorities.
J Ajay Krishna, a company employee and the complainant, provided further insights into the incident. According to Krishna, the hackers gained access to sensitive information, including details of employees, clients, customers, and various business-related data. The compromised data files were then encrypted by the attackers.
Subsequently, the hackers left a message in a .txt file on the company’s computers, directing BSR Infratech to contact them via the email addresses Lockhelp1998@skiff.com and retryit1998@tutamail.com for the decryption key.
“If the demands were not met, the hackers threatened to sell the data on the black market,” the complainant claimed, as per the FIR seen by DH.
Reading Resources: Should you pay the ransom after a ransomware attack?
Response and Investigation
A source within BSR Infratech confirmed the occurrence of the hack but declined to provide further comments, citing a lack of authorization to speak to the media.
In response to the complaint, the Northeast Cyber Economic and Narcotics (CEN) Crime Police registered a case under Section 66 (computer-related offences) of the IT Act. A senior police officer informed DH that the investigators were thoroughly examining the claims made in the complaint. “The servers are down for data copying for the time being,” the officer stated. “But the company are saying that most of their data was intact.”
Conclusion
This incident highlights the critical need for organizations to bolster their cybersecurity measures and promptly report any cyberattacks to the authorities. As ransomware attacks continue to rise, businesses must stay vigilant and prepared to mitigate such threats to safeguard their valuable data and operations.