Sunday, May 16, 2021

After power, Chinese hackers target transport sector

Chinese state-sponsored actors have targeted the transport sector in India in the last few months with cyber attacks, according to a top secret note put out by the Computer Emergency Response Team (CERT-In) under the Ministry of Electronics & Information Technology, early this month.

“CERT-In has observed continued targeted intrusion activities from Chinese state-sponsored actors towards Indian transport sector with the possible intention to collect intelligence and conduct cyber espionage. The notable threat actors such as APT41/Barium, Tonto Team, APT10/StonePanda, APT15/K3yChang, APT27/Emissary Panda, Winnti groups & RedEcho have been targeting organisations across a range of industries aligned with the national strategic goals of the Chinese national policy priorities,” says the note accessed by BusinessLine.

IRCTC, Tata Motors, National Highways Authority of India, RITES, Dedicated Freight Corridor Corporation of India, Centre for Railway Information Systems (CRIS) and Roads & Building Dept, Andhra Pradesh are the entities that were subjected to cyber attacks during the period between May last year and as late as February this year.

“The Chinese actors have reportedly used either spear phishing, Drive via Download or exploiting known vulnerabilities present in public facing applications as an initial entry mode to compromise the enterprise network,” says the note dated March 10 sent to the Ministry of Road Transport & Highways (MoRTH) with copies to the Intelligence Bureau, Research & Analysis Wing and the National Security Council Secretariat.

“The Ministry has advised departments and organisations under transport sector to strengthen the security posture of their infrastructure. Accordingly, NIC, NHAI, NHIDCL, IRC, IAHE, State PWDs, testing agencies and automobile manufacturers have been requested to conduct the security audit of the entire IT system by CERT-In certified agencies on a regular basis and take all actions as per their recommendations,” the Ministry said in a reply to BusinessLine.


An e-mail sent to Director-General, CERT-In, Sanjay Bahl, asking for details on the note remained unanswered. Calls and messages sent to Ajay Prakash Sawhney, Secretary, MeitY, also remained unanswered.

“Considering the advanced capabilities and infrastructure and tenacity of the Chinese adversaries, CERT-In suggests departments and organisations under transport sector to beef up the security posture of their infrastructure with respect to the continued computer network operations and targeted intrusion,” the note advised. “Organisations should stringently monitor and examine their network perimeter logs (firewall, proxy etc.) particularly with curated list of Indicator of Compromise of this campaign provided by CERT-In,” it added.

Intimate on actions taken

It may be recalled that the recent attacks on the country’s various power assets were also linked to Chinese hackers. Tech giant Microsoft had also recently warned its customers about cyber attacks originating in China that primarily target its on-premises ‘Exchange Server’ software.
