What the Kenyan government needs to learn from India to prevent future ransomware attacks

Ransomware Attacks

On May 12, 2017, the global cyberspace was hit by the WannaCry ransomware attack that crippled hundreds of thousands of computer systems in over 150 countries.

In Kenya, the WannaCry virus, which is considered to be one of the deadliest to have ever hit the World Wide Web, affected at least 19 companies. According to the Communications Authority of Kenya, the Kenya Computer Incident Response Team (KE-CIRT) received reports of the attack, but there was no mention of whether the affected institutions were able to regain control of the affected systems.

Once a system was affected, the WannaCry ransomware encrypted important files stored on the computer and demanded that the user pays $300 (about Ksh 30,000) in order for the files to be decrypted. If you give in to the demands of the hackers and pay the ransom on time, you’ll regain control of your system (s). As for those who fail to comply, they end up losing the data stored on these systems, which could be even more costly than the $300 demanded by the attackers, especially in cases where high-profile institutions such as banks and hospitals are the victims.

Now, in another similar incident that occurred a few weeks ago, a new ransomware attack dubbed Petya has been spreading like wildfire. The attack originated in Europe, where more than 60% of the affected systems are based in Ukraine. As usual, the attackers are targeting high-profile institutions, with the country’s central bank, metro transport system, airport and the Chernobyl power plant among the affected institutions.

Petya has also made its way to countries such as Russia, the UK, France, Denmark, the U.S., China and India, among others. Similar to WannaCry, Petya, also known to some experts as “NotPetya” or “GoldenEye”, locks files stored on a computer and demands that the users pay $300 in order to free up the files.

Easy targets

WannaCry, Petya and other malicious attacks have been targeting systems that are still based on old copies of Windows OS. Many institutions, households and small businesses are still using Windows XP, an operating system that was discontinued or rather stopped receiving security patches in 2014. Due to the lack of security updates, it means that systems based on this OS are vulnerable to attacks of this kind, which makes them easy targets for hackers.

Ransomware Attacks

In order to stay safe, it’s important that these computers be updated to the latest operating system, which is Windows 10. Microsoft regularly sends security updates to this OS in order to keep users safe from malicious attackers, but the older versions are not factored in. Hackers and malicious attackers are aware of this, which makes their jobs even much easier.

India’s case

In India, for instance, there are over 50 million users of Windows OS, however, only a fraction of this figure has the latest Windows 10 installed on their computers. In an attempt to ensure that at least everyone has the latest and most secure Windows 10 OS running the show, the Indian government, through the country’s cyber security coordinator, Gulshan Rai, is pushing the American tech giant to lower the prices of the new OS so that it’s affordable to everyone, including households, Reuters reports.

This call came after the country was also a target in the latest ransomware attack, where two port terminals operated by shipping company AP Moller Maersk had their operations crippled. When WannaCry struck India back in May, the government started pushing institutions to upgrade to the newer version of Windows 10, something that has helped minimize the damage caused by Petya.

In order to prevent such future attacks, Rai and his team now want Microsoft to discount the prices of both Windows 10 Home and Windows 10 Pro so that many can make the switch to the new OS. Currently, the former retails at about $124 while the latter is priced at about $232, price tags that households and small businesses in India are not able to meet, hence the decision to stay on old software.

Apparently, India wants Microsoft to offer the new Windows 10 at “throwaway prices” believed to be less than a quarter of the current prices. This could mean the standard version may retail at about $30 while the Pro version at about $60.

Back home

The situation in India is not different from what is happening in Kenya. There are many Windows OS users, but very few people have already upgraded to the latest version of the OS. The main reason behind this is the cost of the OS, but if the Kenyan government picks up one or two things from what India is doing, many would find it a lot more affordable to make the switch to Windows 10.

Ransomware Attacks

With Windows 10, users will be protected from future ransomware attacks thanks to features such as Controlled Folder Access that is set to make its debut this September through the Fall Creators Update. This feature will alert users whenever a malicious app tries to access, edit or write to important files stored in specific folders on your computers such as Documents, Movies, Pictures or even files on your desktop.

Windows 10 is also guaranteed of regular security updates that are aimed at patching any vulnerability discovered in the OS before hackers exploit it. This makes it virtually impossible for hackers to execute their attacks on these systems because they are always protected.

If Microsoft gives in to the Indian government’s plea, we could see other countries take a similar route as well. Hopefully, the Kenyan government will be part of this development; otherwise, we’ll always be easy targets for these hackers whenever they plan similar attacks in future.

Drop us your thought(s)