New Delhi: The corporate affairs ministry’s key portal for making filings by companies -- MCA21 -- came under WannaCry ransomware attack last month, affecting certain services. The attack was “presumably" the first on a central government portal and prompt measures were taken to contain the impact, according to an official document.
Last month, the WannaCry ransomware cyber attack impacted computer systems and networks in more than 150 countries, including India. MCA21, which is managed by IT major Infosys, provides for making electronic filings related to compliances under the Companies Act and Limited Liability Partnership Act, 2008. “During May 2017, the MCA21 system was subjected to WannaCry ransomware attack.
The attack was in the nature of a ‘zero day attack’ and was first noticed on 7 May," the document said. Generally, zero day attack refers to hackers exploiting a flaw in a software system that is not known to the vendor itself. “The attack was presumably one of the first such attacks on a Government of India portal," the document stated.
While some document related to front office and back office services were initially affected, technical teams took prompt measures to contain the impact and informed the CERT-In immediately, it added. CERT-In is the government’s cyber security arm. As per the document, the system servers were re- formatted and the systems were re-deployed. “The prompt measures helped all services being restored fully without any loss by 12 May," it said.
Contacted for comments on the matter, an Infosys spokesperson said, “We recommend a conversation with the (corporate affairs) ministry on this matter." The query sent to Corporate Affairs Secretary Tapan Ray remained unanswered. An e-governance initiative of the ministry, MCA21 enables secure access of the services to corporate entities, professionals and citizens of India.
On an average, at least 8,000 filings are made through the portal daily. Last month, the government had said there was no serious impact on the country from a global ransomware cyber attack, except for a few isolated incidents in Kerala and Andhra Pradesh, and that steps were being taken to deal with any future threat.
“There is no major impact in India unlike other countries. We are keeping a close watch. As per the information received so far, there have been isolated incidents in limited areas in Kerala and Andhra Pradesh," Information and Technology Minister Ravi Shankar Prasad had said on 15 May. The WannaCry attack is reported to have impacted over two lakh computers in more than 150 countries.
Hackers were believed to have used techniques stolen from the US National Security Agency to encrypt files within affected computers, making them inaccessible, and demanded $300 ransom.