Thursday, June 8, 2023
Support Our Journalism
HomeIndiaBug targets critical govt computers at cyber hub NIC, email from Bengaluru...

Bug targets critical govt computers at cyber hub NIC, email from Bengaluru firm is suspect

These computers are believed to contain data on India's security, citizens and important govt functionaries, including the PM, NSA and home minister, among others.

Text Size:

New Delhi: In a major security breach, more than 100 computers of the National Informatics Centre (NIC), which is responsible for securing critical cyber infrastructure in the country and the Ministry of Electronics and Information Technology (MeitY), were found to be compromised, ThePrint has learnt.

The breach comes on the back of reports about alleged snooping by a Chinese firm on Indian politicians, military leaders, entrepreneurs and journalists, among others.

Soon after the bug was identified, Delhi Police’s special cell registered a case under the Information Technology (IT) Act early September and began investigation, which led them to a firm in Bengaluru, from where the bug was generated.

According to sources in the police, these computers contain crucial information and data on India’s security, citizens and important government functionaries, including the prime minister, national security advisor, the home minister, among others.

Also read: India raises Zhenhua ‘snooping’ issue with China envoy Sun, sets up panel to probe matter

What is NIC?

The NIC, which comes under the MeitY, sets up information and communications technology (ICT) infrastructure for the government, helps in implementation of national and state level e-governance projects, provides consultancy to government departments and is responsible for research and development, and capacity building.

The other services it offers include multi gigabit nationwide networks NICNET, NKN, National Data Centres, National Cloud, pan India VC infrastructure, Command and Control Centre, multi-layered GIS based platform, Domain Registration and Webcast.

NIC is a repository of information and data and plays a significant role in delivering citizen-centric e-services.

ThePrint reached MeitY spokesperson for a comment via text and phone call but there was no response until the time of publishing of this report. The report will be updated when ThePrint receives a response.

Also read:  ‘It’s data integration’ — Chinese firm Zhenhua denies charges of illegal data mining

IP address traced to Bengaluru-based company

According to the complaint with the Delhi Police, an employee at MeitY said he was unable to access his email and that there was something amiss.

Later, it was found that not just his computer, but several others, too, were compromised.
During preliminary investigation, the intelligence agencies found that several of these systems had received an email, suspected to be a malware attack. When the users clicked on the email, their systems were affected.

During investigation, the IP address for the malicious email was traced to the Bengaluru office of a US-based company, said the same source.

China connection?

When asked if the police suspect it to be an attempt by China to hack into these systems, the source said it was too early to comment, although it could be a possibility.

“In the current scenario, it is a possibility which we will be looking into. We have a registered a case and are investigating the same,” the source said.

“It definitely is a security breach and we are looking at all angles,” the source added.

Also read: Govt looking into reports that China tracking 10,000 Indians via ‘hybrid warfare’ firm


Subscribe to our channels on YouTube & Telegram

Support Our Journalism

India needs fair, non-hyphenated and questioning journalism, packed with on-ground reporting. ThePrint – with exceptional reporters, columnists and editors – is doing just that.

Sustaining this needs support from wonderful readers like you.

Whether you live in India or overseas, you can take a paid subscription by clicking here.

Support Our Journalism


  1. While they are at it, they could also fix their web servers which are vulnerable to many more “bugs” 😛
    This news is probably blown out of proportion, maybe one system which opened the email got infected. And the malware might have attempted to spread. Its regular practice to check the entire network for possible compromise, nothing more.

  2. I think the correct term is malware (i.e. malicious software), not ‘bug’. A bug is an error or a weakness in a software, which can then be exploited by malware.

  3. Sad to see the state of affairs of our cyberspace serious work must be done in the domain, both offensive and defensive in nature, however the IP address reveals nothing as the attacker could have used a VPN, is there a much more technical report on this story out for public consumption?

Comments are closed.

Most Popular