Image by SecurityDiscovery.
On September 24th, researchers discovered that the NLP platform was exposing sensitive credentials, secrets, and encryption keys via publicly available JS files.
In addition to that, a number of Amazon Web Services (AWS) S3 buckets were left publicly accessible to anyone. The buckets contained the personal data of workers, marine crew, invoices, and internal documents. As the platform deals with the country’s critical infrastructure, this oversight might introduce great risk.
Alarmingly, the exposed AWS S3 keys allowed anyone to get higher privileges and gain access to all of the NLP infrastructure. This poses a grave danger of ransomware attacks. Threat actors could have taken advantage of the access to the system to encrypt critical information and make it inaccessible to the waterways authorities.
It might have caused far-reaching consequences, such as disrupting the trade and operations of India’s ports, not to mention the financial implications of significant ransoms demanded for the decryption keys.
According to the CEO of SecurityDiscovery Bob Diachenko, who first identified the leak, the exact consequences are hard to estimate.
“Figuratively speaking, India’s one-window solution for shipping has left its digital keys right under the doormat. Moreover, the door itself was also open. The JS file should not contain hardcoded credentials in the first place and AWS S3 buckets with sensitive data should be private – especially, when it is a governmental institution. It is also a huge reputational risk not only for that particular asset but for the entire country,” explained Cybernews Diachenko.
If you want to know more about India’s NLP and how the flaw was managed take a look at the original post:
https://cybernews.com/security/national-logistics-portal-data-leak/
About the author: Paulina Okunytė, Journalist at Cybernews
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, National Logistics Portal)
President Trump fired Gen. Timothy Haugh as head of U.S. Cyber Command and NSA President…
Experts warn of a critical vulnerability impacting Apache Parquet's Java Library that could allow remote…
CERT-UA reported three cyberattacks targeting Ukraine’s state agencies and critical infrastructure to steal sensitive data.…
39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024…
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited…
An international law enforcement operation shuts down Kidflix, a child sexual abuse material (CSAM) streaming…
This website uses cookies.