Maze ransomware operators allegedly breached the National Highway Authority of India(NHAI) where they attacked the email servers of the authority.
Maze ransomware operators allegedly breached the National Highway Authority of India(NHAI) where they attacked the email servers of the authority.
The National Highways Authority of India (NHAI), is an autonomous agency of the Government of India, established in 1988, and is responsible for the administration of over 50,000 km of National Highways out of 1,15,000 km in India. It is a nodal agency of the Ministry of Road Transport and Highways.
The attack took place on Sunday night by attackers targeting the National Highway Authority Of India ’s email server and no data loss was recorded because of the immediate action taken by the authority.
As per the safety point of view email servers were shut down and other systems remain unaffected from this attack.
Sources explained that a weak cyber security infrastructure, lax monitoring and updated legacy software have been found as some of the reasons behind the hacking of NHAI systems.
“All data in the mail server was lost. The NHAI had backup data which they loaded on the mail server. So no data is lost may be correct to a large extent but there is loss of hardware and data contained in hardware,” sources said.
Maze ransomware operators claim to have leaked 5% (around 2GB) of the total volume of data exfiltration by the Authority.
Investigations are still in progress to verify whether the attacks are from China in view of the Galwan standoff.
“There is a need to create extensive awareness exercises in NHAI and all other sensitive institutions. Updating patches in legacy software, strict following of authorisations and authentications are some of the immediate steps required,” stated Gulshan Rai , former National Cyber Security Coordinator.
He also stated that around 38% of Advanced Persistent Threat vectors have been reported to be formulated and deployed by China for spying, looting of data and IP. Even though some of the APTs are general purpose tools but others are customised for specific countries and purposes.
According to cyber security firm Sophos, 82% of Indian organizations were reportedly hit by ransomware over the last year.
“This is not a huge surprise. Cyber-hygiene is generally poor in India, and pirated technology abounds, creating weakness in cyber defences. This makes organisations vulnerable to attack,” it stated in its report.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: “BlueLeaks” Exposes Data of 200 US police Departments and Exposed Online