Indian Computer Emergency Response Team (CERT-In) issued an alert to the Ministry of Road Transport and Highways on Sunday regarding “targeted intrusion activities” with “possible malicious intentions” aimed at the Indian transport sector, the Hindustan Times reported.
Following the alert, the ministry issued an advisory to all departments and organisations under the transport sector to strengthen their security posture. The entities that have been advised include National Informatics Centre, National Highways Authority of India, National Highways and Infrastructure Development Corporation Limited, Indian Road Congress, Indian Academy of Highway Engineers, state Public Works Department, testing agencies, and automobile manufacturers, the report said.
It also instructed all departments under the ministry to conduct a security audit of their entire IT system through CERT-In certified agencies immediately and on a periodic basis. The departments would then need to submit the report to the government, the report said.
MediaNama reached out to CERT-In and the Ministry of Road Transport and Highways for comments. Their responses are awaited.
Growing spate of cyber attacks
This alert comes a few days after CERT-In revealed that it received 26,121 reports of Indian websites being hacked in 2020, of which 59 websites belonged to central ministries/departments or to state governments.
Over the past few months, there have been several cybersecurity incidents on Indian government domains. Attackers previously used compromised government emails ending in @gov.in or @nic.in to carry out phishing scams targeting officers and luring them into sharing sensitive information. The devices of multiple former defence personnel were found to be compromised by this attack.
Last month, Recorded Future, an American company that studies the use of the internet by state actors, uncovered a Chinese state-sponsored cyberattack that was targeting India’s electricity grid and power distribution systems. According to Recorded Future, Red Echo, the organization behind the attack, deployed malware known as ShadowPad. The attack was linked to the unexpected power outage that hit Mumbai in October 2020, but the Power Ministry has denied any connection. The government, however, has said that it is aware of ShadowPad, and has taken appropriate steps against it.
Last June, the National Highway Authority of India (NHAI) suffered a ransomware attack, although NHAI said that the attack was foiled and no data was lost.
- CERT-In warns of phishing campaign against Indian citizens, businesses; North Korean group may be behind the campaign
- 2020 was a good year for cybercriminals, a bad one for financial and payments security