India State-Owned Hydrocarbon Producer Hacked by a Cyber Attack, Criminals Demand for 196 Bitcoins

Since Sunday, an alleged cybercrime on Oil India Limited (OIL) has forced the PSU major to shut down its IT systems at its headquarters in Duliajan, Assam's Dibrugarh district.

The Oil India Limited (OIL) is the second largest state-run oil and gas company in India founded in 1959, directly under the jurisdiction of the India government Ministry of Petroleum and Natural Gas and engaged in crude oil and natural gas exploration, development and production. The company owns over 100,00 square kilometers licensed areas for oil and gas exploration. Its business extends dozens of countries from Libya, Nigeria, Sudan to Mozambique, Iran and United States.

The hackers have reportedly demanded 196 bitcoins as ransom, which is worth of over $75,00,000 with each bitcoin charges around $38,000 at the current market price through a note from the infected PC. Whether the company is going to pay the ransom remains unknown.

The company’s spokesperson Tridiv Hazarika said they detected the serious outages in the computers on Sunday and disabled the systems as the precautionary measure. Luckily, the cyberattack did not affect the company’s daily operations and its drilling activities are not interrupted. Still, OIL server, network and IT related services are affected incurring huge financial loss. The company asked for help from international IT security consultant and restored its computers.

How to protect from ransomware attacks?

Cyber attack today festers in all walks of life around the world, OIL is not the first one to bear the brunt, nor will it be the last. No company or organization can fully defend itself against the increasingly complicated cyber threats, but it’s very important that companies are well-prepared as possible. So, how to prevent cyber crime?

The strong IT defense system offers basic protection from sudden ransomware attack by hackers, so strengthen the security posture with integrations and APIs. Stay vigilant at unauthorized access request, you need to see and detect potential attacks to stop encroachment. The last but not least, protect your backup data and ensure rapid recovery afterwards. Vinchin Backup & Recovery is a virtual machine backup service that offers complete data protection solutions from data backup to disaster recovery to fight against ransomware attacks.

1.     Backup beforehand with mature backup strategies

Vinchin Backup & Recovery has Full Backup, Differential Backup and CBT/SpeedKit-aided Incremental Backup available, you can choose the suitable strategies under the configured schedules to run the backup tasks automatically. The CBT (Changed Block Tracking) and SpeedKit (CBT alternative which fully utilizes snapshot technique) can be used to efficiently extract changed data blocks for faster incremental backup. By enabling Data Deduplication and Data Compression, you can save more backup storage resources for storing higher volumes of valuable data.

2.     Anti-ransomware backup technology

To protect backup data stored in Vinchin backup server, Vinchin Backup & Recovery adds anti-ransomware capacity to backup storage using real-time I/O monitoring technology. Unauthorized applications' requests to modify backup data will directly be denied by the smart detection. The visit will be denied if ransomware or other malware tries to change the backup. Even if something goes wrong with your data center, the majority of your backed-up data is still highly recoverable.

3.     Effective recovery after cyberattacks

Vinchin Backup & Recovery offers complete features to comply with 3-2-1 backup rule to help minimize data loss after disaster and cyberattacks. Besides on-premises scheduled backup, the software also supports offsite backup copy and cloud archive to make sure maximal data integrity when the local production system and the local backups are unavailable. You can either choose to recover the business at remote site using offsite backup copies, or transfer archive data back to the local production environment to have a quick data recovery.

Conclusion:

The media has spilled much ink over the ever-growing cybercrime lists, and it seems that no one can be immune from the hit, be you are nobody or a giant. But it’s exactly the random attacks from the dark we are facing that make us alert to any potential threat to our data. Back up now to be prepared because this is the last thing we want to cry for the delay.