Tuesday, March 26, 2024

Pakistani cyber actors compromised 4 Indian Railways computers: Intelligence Bureau letter

A letter sent to the Railways last month said 4 computers in use at different offices have been attacked by malware through a process called spear-phishing.


New Delhi: Last month, the Intelligence Bureau wrote to the Ministry of Railways, alerting it about computer systems being compromised by Pakistan-based “cyber actors”.

The letter written in May, which has been accessed by ThePrint, stated: “It is learnt that (04) Internet connected computers in use at different offices of Indian Railways has (sic) been compromised by Pakistan based cyber actors (APT 36 Malware campaign). Data from the compromised computers are being constantly sent to servers abroad.”

The details of the computers have been attached separately, the IB’s letter added. A highly placed source told ThePrint that while three of the computers identified are located in the ministry, one is the personal computer of a top vigilance officer from the railways.

Asked for a comment by ThePrint, Ministry of Railways spokesperson D.J. Narain said the issue was “very old”, without specifying how old it was. He added: “We have nothing more to say on this. All we can say is we are all safe.”




Spear-phishing

The IB’s letter further stated that “APT36 cyber threat actors are targeting various government sectors including defence, central police organisations, education, healthcare etc”.

“The modus operandi is to deliver Crimson RAT (Remote Access Trojan) malware embedded in MS Office documents to steal information from the victim computers,” it stated, adding that Covid-themed “spear-phishing” emails are being used to deliver this malware into the victims’ computers.

Spear-phishing is described as the act of sending “emails to specific well-researched targets while purporting to be a trusted sender”. Security and risk management news website CSOOnline quoted Aaron Higbee, co-founder and chief technology officer of anti-phishing firm Cofense, as saying: “Spear-phishing is a campaign that was purposefully built by a threat actor with a goal of penetrating one organisation, and where they will really research names and roles within a company.”

Recommendations

The IB letter also went on to recommend the course of action the Indian Railways should take on this issue.

“Indian Railways may identify the infected computers and take immediate steps to sequester, cleanse and secure the computers,” the letter stated.

It advised immediately disconnecting the infected computers from LAN/internet, changing passwords of all email and online services from another secure computer, formatting the hard disks of the infected computers after taking back-ups of data files, re-installing operating systems and applications from clean software, and scanning back-up data for viruses before restoring it.




 


4 COMMENTS

  1. Even if it’s recent, this is really a very low level kids stuff. But then that’s what we can expect from beggars. India, China, the US and Israel are real DDOS attack powers. I won’t say much further on this.
    But really disappointed in Print to get this click-bait news on their platform.
