RTIwala Explains DarkNet Data Breach: Information from servers of more than 6,000 Indian enterprises was reportedly put up for sale on DarkNet in one of the biggest data breaches reported in the country.
DarkNet Data Breach: So Where Exactly Lies the Catch?
The unidentified hacker behind the data leak has asked for 15 Bitcoins (around Rs 41.89 lakh) for the information and is even offering a network takedown of these 6,000 organizations for an unspecified amount, said Seqrite Cyber Intelligence Labs and its partner SeQtree Info Services in a statement.
“Along with the access, the hacker is also selling credentials and various contractual business documents and claims to have access to a large database of Asia Pacific Network Information Centre (APNIC),” the statement further said.
According to researchers, the hackers claimed to have the ability to manipulate the IP address allocation pool, which could trigger a serious outage or a Denial of Service attack-like condition, said the IANS report. “This could impact various content delivery network (CDN) and host providers as well. If the hacker gets an interested buyer, then an attack on the system could disrupt Internet IP allocation and affect Internet services in India,” SeQtree said.
Quick Heal’s Hand in the Extrication of the DarkNet Data Breach. And How?
The RTIwala team learned that classified information from servers of more than 6,000 Indian enterprises was purportedly put up for sale on DarkNet in one of the biggest DarkNet data breaches ever to have occurred in the country. SeQtree, the enterprise arm of IT security firm Quick Heal, came across an advertisement on DarkNet that claimed to have access to data from over 6,000 Indian businesses, including government organizations, internet service providers, banks, and enterprises, said an IANS report.
“We have alerted the government authorities well within time. If someone gets control over this massive data that is currently up for sale on DarkNet, then many Indian organizations and enterprises can get affected,” said Rohit Srivastava, Senior Director, Cyber Education, and Services at Quick Heal.
To prevent any damage, Seqrite has urged government bodies as well as APNIC to alert potentially threatened organizations to be on the lookout for any signs of trouble. These bodies have also been asked to change their passwords and update security protocols for their servers and systems.
How will it affect the Indian Organizations if it isn’t fortified?
RTIwala reveals that, on detailed inspection, investigators found that the hackers had attacked the Indian Registry for Internet Names and Numbers (IRINN), which comes under the National Internet Exchange of India (NIXI). IRINN is the national internet registry agency tasked with coordinating IP address allocation and managing internet resources across the country.
Bombay Stock Exchange (BSE), Idea Telecom, Flipkart, Aircel, TCS, and ICICI Prudential Mutual Fund are some of the major Indian organizations which have been threatened by this massive data breach, along with many others. Official websites of several Indian state governments have also been put at risk.
“This can be a major tool of mass disruption if a non-state actor gets hands on it,” SeQtree said on its website.
The organizations whose services may be at risk are: UIDAI (Aadhaar), Idea Telecom, Bombay Stock Exchange (BSE), Flipkart, DRDO, Aircel, Reserve Bank of India, BSNL, SBI, TCS, ISRO, ICICI Prudential Mutual Fund, VMware, Employees’ Provident Fund Organization and various Indian state government portals, among others.
(Inputs by Rijul Mittal)