Cyber attacks on NHAI system traced to HK, Taiwan: Report

Hemani Sheth Mumbai | Updated on August 17, 2020

NHAI advised to disable VPN accounts with suspicious activity

India’s cyber security agency, the Computer Emergency Response Team (CERT-In), has traced cyber attacks on the National Highway Authority of India (NHAI) to unknown IP addresses in Hong Kong and Taiwan, according to a Times of India report.

NHAI’s server was attacked by malware as part of a Maze ransomware attack back in June, according to media reports.

CERT-In has been assessing the malware attack and has found major gaps in the highway authority’s security system, according to the ToI report. It has also discovered other suspicious logins into NHAI’s virtual private network (VPN) from IP addresses in Hong Kong and Taiwan, which may be unrelated to the Maze ransomware attack in June, the report said. It is likely that the internal IT system of the highway authority may have been compromised on more than one occasion.

NHAI has been advised to disable VPN accounts with suspicious activity, replace active directory server and block malicious IPs as an immediate security measure, the report said.

Published on August 17, 2020

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

This article is closed for comments.
Please Email the Editor