Cyber Incident Victim: Government of Kerala
Date: May 2017
Location: India
Summary
A ransomware attack hit the Kerala government, affecting panchayat computers in Wayanad district that ran pirated Microsoft software; the systems were isolated without loss of sensitive data. Additional infections occurred in West Bengal's power utilities, Gujarat's IT network, and Andhra Pradesh police departments. Globally, the WannaCry virus affected systems in over 150 nations, including UK healthcare systems and Chinese institutions, and slowed after an initial rapid spread. Microsoft subsequently released security patches for vulnerable operating systems.
Description
The WannaCry ransomware attack impacted multiple Indian government systems on May 12, 2017, with Kerala among the earliest confirmed casualties. Two districts in Kerala reported infections, including computers at a panchayat office in Wayanad. Senior police officer Manoj Abraham stated that these systems ran pirated Microsoft software, which made them vulnerable targets. Authorities isolated and shut down the compromised devices to prevent further spread and confirmed that no sensitive data was exfiltrated. Kerala's Cyberdome cybersecurity unit used its dedicated ransomware response team to manage the incident. At the same time, West Bengal experienced infections on power utility computers in four blocks of West Midnapore district (Belda, Datan, Narayangarh, and Keshiyari), with additional systems compromised in Balurghat's South Dinajpur power department. Gujarat reported approximately 120 infected computers within its state IT network, while Andhra Pradesh disclosed that over 100 police department systems had been infected over the prior weekend.

The attack prompted immediate coordination of the national response. Union Minister Ravi Shankar Prasad confirmed that proactive security updates, including patch deployments to counter such threats, had been under way since March 2017. He announced plans to establish a centralized cyber coordination center by June. Globally, the ransomware impacted approximately 150 nations, slowing in intensity by nighttime on May 12. Critical infrastructure disruptions occurred in the UK's National Health Service and in over 30,000 Chinese institutions, exacerbated by widespread use of unlicensed software. The malware encrypted devices running outdated Windows XP systems, for which Microsoft released emergency patches after the outbreak. No Indian central government systems were breached, though regional entities faced operational disruptions that required system isolation and recovery efforts.
