India’s cyber security agency, the Computer Emergency Response Team (CERT-In), has traced cyber attacks on the National Highway Authority of India (NHAI) to unknown IP addresses in Hong Kong and Taiwan, according to a Times of India report.
NHAI’s server was attacked by malware as part of a Maze ransomware attack back in June, according to media reports.
CERT-In has been assessing the malware attack and has found major gaps in the highway authority’s security system, according to the ToI report. It has also discovered other suspicious logins into NHAI’s virtual private network (VPN) from IP addresses in Hong Kong and Taiwan, which may be unrelated to the Maze ransomware attack in June, the report said. It is likely that the internal IT system of the highway authority may have been compromised on more than one occasion.
NHAI has been advised to disable VPN accounts with suspicious activity, replace active directory server and block malicious IPs as an immediate security measure, the report said.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.