Govt server hacked: Sensitive and crucial data at stake

New Delhi: Days after an official twitter handle of PMO was hacked, a malware has attacked more than 100 computers of the National Informatics Centre (NIC) — the government's nodal agency. An insider didn't rule out the possibility of a snoop gate by Chinese firms who are eyeing on the Indian politicians, armed forces, entrepreneurs and other big honchos.

These computers allegedly contain crucial information and data related to the country's security, important government functionaries including the Prime Minister, National Security Advisor and the home minister. The data about the citizens was also stored on these computers who have been attacked by the malware, that was reportedly generated from an IT company in Bengaluru.

Sources in the government claim that they have already scrutinized the data that is at risk and are revising all the crucial information stored there. "Several meetings were held since the matter came to light and an in-depth analysis of the 'supposedly' compromised data has been done to compensate for the damage or the future threat," a source in the department said.

The matter is under investigation by the Delhi Police's elite Special Cell, who has already registered a case against the cyber attack after an employee at MeitY alleged that he is unable to access his email and certain things are missing. Initial investigation suggests that an email from an IT company in Bengaluru has created the malware. It is also suspected that the mail was originally generated from the US via a proxy server to a Bengaluru based firm.

In an official statement, Delhi Police confirmed an attempted breach by unidentified cyber actors; a kind of regular activity over cyberspace which was, however, detected by its robust cybersecurity systems. The cops have, however, denied reports about the cyber intrusion involving high offices.

Meanwhile, on Thursday, the Parliament was informed that a malware named 'BlackRock', equipped with data-stealing capabilities, has been reported targeting the Android mobile devices. "It (BlackRock) can steal credentials from more than 300 apps like email clients, e-commerce apps, messaging/social media apps, entertainment apps, banking, financial apps, etc," Minister of State for Electronics and IT Sanjay Dhotre said in a written reply in the Rajya Sabha.

It is worth mentioning that in June, India's cybersecurity nodal agency, CERT-In has issued an advisory warning that the potential phishing attacks could impersonate government agencies, departments and trade bodies that have been tasked to oversee the disbursement of government fiscal aid.

The ethical hackers claim that the NIC server and MHA websites are vulnerable for security breaches and cybercriminals can easily hack these servers and websites to access the confidential data. The data is then sold on the darknet or to the clients against handsome money. "Since MHA is using open-source SSL, even malware can be uploaded and the data of all the users can be accessed by the hackers," they said.

"Most of the websites are designed by a local developer, which is then linked to the NIC server. There is no nodal agency or department at NIC to look after the privacy policies, as a result, all the data stored on these servers become vulnerable and pose a potential threat," said Kislay Chaudhary, Chairman of an NGO- Indian Cyber Army.

The breach comes amid allegations a Chinese firm - Zhenhua Data Information - is conducting covert surveillance on thousands of Indians, including the Prime Minister, the President, the Vice President and the Army Chief.