Maharashtra’s Information Technology department has apparently managed to stop the spread of the Locky ransomware virus across Mantralaya’s computer systems. A senior official within the government claims that the threat is over and all the data secured within its servers are safe.
According to PTI, the Locky virus had affected nearly 150 computers in Mantralaya. The list of affected departments includes Revenue and Public Works. VK Gautam, the IT agency’s Principal Secretary, says that damaged PCs have now gone into quarantine and are being transported for forensic analysis.
He went on to assert that all data within the the Maharashtra Local Area Network (Maha LAN) is safe from prying eyes. The Locky ransomware first started spreading across the administrations devices last week. Gupta thinks it snuck into the Maha Lan network courtesy a spam mail.
Once it hits a computer, the virus starts encrypting content like DOC and PPT files into Locky-branded ones. This is similar to how malicious ransomware normally works, compelling the victim to pay over a certain sum in exchange for freeing the documents.
Also Read: Cyberespionage group Suckfly targeting Indian govt: Symantec
In this case, the system asked for a lock key which could only be obtained through a ransom amount paid via Bitcoins. The attackers fooled government employees into opening the spam mail by utilizing an official email ID. Gautam recommends people employ safeguards when opening messages such as checking to see if the sender is authentic before opening any mail.
For now, Gautam claims that the IT department has fortified its server and data center following the scare.