Pierluigi Paganini
July 02, 2020
As part of regular darkweb monitoring, researchers from threat intelligence firm has spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site.
The National Highways Authority of India (NHAI) is an autonomous agency of the Government of India, set up in 1988, and is responsible for the management of a network of over 50,000 km of National Highways out of 1,15,000 km in India. It is a nodal agency of the Ministry of Road Transport and Highways.
According to the Economic Times, the attack took place on Sunday night, hackers targeted the National Highways Authority Of India’s email server, but according to the Indian Agency, no data was stolen. The Authority had shut down the server in response to the intrusion.
The National Highways Authority of India (NHAI) on Monday said a cyber attack took place on its email server on Sunday night but prompt action resulted in no data loss. As a precaution, the Authority had shut down the server.
“A ransom ware attack on NHAI email server took place yesterday night. The attack was foiled by the security system and email servers were shut down from safety point of view,” NHAI Chief General Manager, IT, Akhilesh Srivastava, said.
“No data loss took place. NHAI data lake and other systems remained unaffected from this attack,”
Early this month, the government warned against a large-scale cyber attack against individuals and businesses in the country.
“India’s cyber security nodal agency, CERT-In had issued an advisory warning that the potential phishing attacks could impersonate government agencies, departments and trade bodies that have been tasked to oversee disbursement of government fiscal aid.” states the Economic Times.
Now Maze ransomware operators claim to have leaked only 5% (around 2GB) of the total volume of data exfiltrated by the Authority.
The Cyble Research Team analyzed the data leak and confirmed the presence of sensitive corporate operational documents.
“The Cyble Research Team identified and analyzed the data leak of around 2GB. The data leak includes sensitive corporate operational documents such as the company’s staff list, passport copy of ex-chairman of NHAI, details of dependent family members of NHAI employees, NHAI internal audit reports, and much more.” reads the post published by Cyble.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Maze ransomware, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
