We had extensively discussed the e-mail threat received by Wipro some time back in which an e-mail had been received by Wipro threatening that if Rs 500 crores is not paid in Bitcoins, they would spread “Ricin” in Wipro premises through Drones or mix it with food in Wipro canteens. Ricin is a poison extract from Castor seeds and can cause death. Extracting Ricin from Castor sludge from a castor oil extraction plant is considered to be easy.
There were two ways of dealing with the threat. One was to consider this as a prank or an empty threat from a disgruntled employee and ignore. This was easy and instinctive. The second was to take it seriously and take steps as if the attack was imminent.
Naavi.org had indicated that there was a need to take the threat seriously and suggested a series of measures mostly to be taken by the Police to meet the contingency of the attack actually being played out. This included registering the case as a “Terror Threat” and go about tracing the e-mail with international assistance.
However, Karnataka Police took things lightly and registered the case as an ordinary e-mail threat and transferred it to the local police station in Bellandur. The Cyber Crime division traced the e-mail to a Switzerland IP address and left it to the Bellandur police station to follow up with CBI and Interpol to try to find out the sender. It was clear that everybody assumed that we will not hear about it once again and the prank can be forgotten.
But unfortunately, it is now reported that the e-mail threat has returned to haunt WIPRO once again with a renewed threat. The sender is aware that the earlier e-mail was not traced and was bold enough to use the same e-mail address ramesh2@protonmail.com.
Now the problem is back on the desk of the Police. Will they continue to ignore the threat (As reported in this article in Indian Express) and expect the Bellandur Constable to trace the Switzerland IP address and crack the case? or Will they invite the Anti Terror department of the Police to come in and take up the investigation?.
WIPRO says that they have taken some safety measures. Hope they are safety measures to prevent any form of dispersion of RICIN on any of the premises of WIPRO. They appear to have reported the incident to CERT IN and consider it as a sufficient fulfillment of the data breach notification requirements. It is not known if CERT IN has made any investigations and tried to trace the e-mail which should have been sent from India through some Proxy servers.
At this time we cannot say anything other than regretting that neither the Police nor the Company appear to be keen on escalating the issue to a “High Level Threat” and wish that it would simply go away.
If by any remote probability the threat gets executed and we are caught unprepared, then it would be in the fitness of things that the persons responsible for the negligent handling of the incident may have to stand trial for gross negligence leading to loss of life.
Let’s pray that nothing of that sort happens…. because I am talking of my personal friends both in the Police and Wipro whom I include in not being serious enough in this incident.
Naavi