Info-tech

NIXI refutes claims of serious data breach of India internet registry

Urvashi Valecha Mumbai | Updated on January 08, 2018 Published on October 04, 2017

The National Internet Exchange of India (NIXI) has clarified that there was no serious security breach of the Indian registry database as claimed by a hacker on the Darknet.

NIXI, which manages the Indian internet registry, said that the claims made by the hacker were "audacious and far from truth".

On Tuesday, Quick Heal Technologies’ enterprise security solutions unit had disclosed that it had discovered an advertisement on Darknet announcing secret access to the servers and database dump of over 6,000 Indian businesses — including ISPs, government and private organisations.

The hacker has priced the information at 15 Bitcoins and is offering network takedown of affected organisations for an unspecified amount, it added.

Responding to an e-mail questionnaire from BusinessLine, a spokesperson for NIXI said , "there has been no serious security breach of its IRINN system, as it has a robust security protocol in place. The hacker has no capacity to cause any damage or initiate distributed denial of service to any entity who has been allocated Internet resources through IRINN System."

"There was an attempt to penetrate the system and hacker was able to collect some basic profile information of the contact persons of some of the affiliates which was displayed by him on the darknet. The existing security protocol of NIXI is robust and capable of countering such attacks. However, following this breach, security protocol has been further strengthened and review of existing infrastructure has also been initiated," NIXI added.

"We assure our affiliates and all concerned that our system is secured and security protocol in practice is capable of handling such attacks. The claim by the actor of Dark Net is audacious and far from truth," it said.

Terming it as one of the biggest breaches affecting Indian organisations, Seqrite Cyber Intelligence Labs, along with its partner seQtree InfoServices, had identified the affected organisation as the Indian Registry for Internet Names and Numbers (IRINN), which comes under the National Internet Exchange of India.

“As a precautionary measure, Seqrite Intelligence Labs has reached out to government authorities and Asia Pacific Network Information Centre (APNIC) with a strong recommendation to alert all potentially affected organisations and urge them to change passwords and get their servers and systems patched with latest updates,” Quick Heal had said in a statement.

Seqrite Cyber is the DarkNet monitoring division of Seqrite, the enterprise security solutions brand of Quick Heal Technologies

Published on October 04, 2017
This article is closed for comments.
Please Email the Editor