Ransomware WannaCry can target Aadhaar data
Aadhaar being linked to bank accounts and other sensitive resources makes it a big threat target for hacking.
Hyderabad: Aadhaar data stored with the Unique Identification Authority of India (UIDAI) could be threatened by attacks from ransomware like WannaCry, which has been rampaging through many countries. There are no reports of such an attack on the data so far but the sharing of Aadhaar data with other agencies could lead to threat to or to destruction of data from the server, says regional director of Computing Technology Industry Association (CompTIA) India, Pradipto Chakrabarty.
Sharing CompTIA's views on the ransomware, Mr Chakra-barty said that it was scary to envisage such an attack on the UIDAI. “Aadhaar was a predominantly non-linked service earlier, which means that it contained mostly demographic information of citizens. But it is now being linked to bank accounts, income tax, and other more sensitive resources like mobile service operators etc. This makes it a huge threat surface for hackers to intrude.
“Imagine a situation where an intrusion happens through Aadhaar. Since the user’s bank account is linked with his Aadhaar number, the ransomware can potentially lock down the account and make it unusable unless a ‘ransom’ is paid. As of now, the current attack in Europe does not indicate its spread to individual services but one can easily imagine the scale of destruction if a similar incident happens with UIDAI,” Mr Chakrabarty pointed out.
He said that as we move towards a cashless economy, the volume of electronic usage will increase “and since Aadhaar is linked to your bank account, the attacks are quite possible if we are not adequately prepared. The sheer volume of Aadhaar numbers and their linked financial accounts is an indication of the tremendous risk that we run if there is such an attack on the Aadhaar system.”
Responding to alerts by CompTIA, Deputy Director General of UIDAI, MVS Rami Reddy, told this newspaper that no such threat to the database of Aadhaar has been detected. “We are maintaining secure servers and monitoring the current scenario,” he said.