Ransomware Exercise

Context

India’s National Security Council Secretariat (NSCS) and the UK Government in collaboration with BAE Systems successfully designed and conducted the Cyber Security Exercise for 26 Countries.

About

The exercise has been conducted as part of the International Counter Ransomware Initiative- Resilience Working Group which is being led by India under the leadership of National Cyber Security Coordinator (NCSC).
The exercise has been facilitated by BAE Systems (a British multinational arms, security, and aerospace company) through the Immersive Labs platform.
The scenario has been written specifically for the participants based on Threat Intelligence and operational experiences.
The theme of the exercise is based on Energy Sector in which the respective National Cyber Crisis Management Teams of the CRI Partner Nations will have to deal with a ransomware attack on multiple electricity distribution companies.
The aim to organise this virtual Cyber Exercise on Ransomware Resilience is to simulate a large, wide-spread cyber security incident affecting organisations within a country.

Ransomware attack

A ransomware attack is a cyber-attack using malware that encrypts the victim’s files and requires users pay a ransom to decrypt the files.
Hackers also added the element of downloading all the data on an enterprise network before encrypting it.
The hackers can then threaten to leak the data if the ransom is not paid.

Other terms related to it

Virus: Viruses attach themselves to clean files and infect other clean files. They can spread uncontrollably, damaging a system’s core functionality and deleting or corrupting files.
Trojans: This kind of malware disguises itself as legitimate software, or is included in legitimate software that has been tampered with. It tends to act discretely and create backdoors in your security to let other malware in.
Spyware: It hides in the background and takes notes on what you do online, including your passwords, credit card numbers, surfing habits and more.
Worms: Worms infect entire networks of devices, either local or across the internet, by using network interfaces. It uses each consecutive infected machine to infect more.
Ransomware: Also called scareware, this kind of malware can lock down computer and threaten to erase everything — unless a ransom is paid to its owner.
Adware: Though not always malicious in nature, particularly aggressive advertising software can undermine security just to serve ads — which can give a lot of other malware a way in.
Botnets: Botnets are networks of infected computers that are made to work together under the control of an attacker.