Indian government officials are accusing “Chinese state-sponsored actors” of being behind a series of cyber attacks on the country’s transport sector over the past few months.
After leading American consultant Scott Belcher warned that transit operators in the US are failing to take cyber security seriously enough, the Indian problems should ring alarm bells with transport agencies around the world that their product is attractive to hackers.
The Hindu Business Line website in India reports on a top secret note put out by the Computer Emergency Response Team (CERT-In) under the Ministry of Electronics & Information Technology, early this month.
“CERT-In has observed continued targeted intrusion activities from Chinese state-sponsored actors towards Indian transport sector with the possible intention to collect intelligence and conduct cyber espionage. The notable threat actors such as APT41/Barium, Tonto Team, APT101 StonePanda, APT15/K3yChang, APT27/Emissary Panda, Winnti groups & RedEcho have been targeting organisations across a range of industries aligned with the national strategic goals of the Chinese national policy priorities,” says the note accessed by BusinessLine.
The report says IRCTC, Tata Motors, National Highways Authority of India, RITES, Dedicated Freight Corridor Corporation of India, Centre for Railway Information Systems (CRIS) and Roads & Building Dept, Andhra Pradesh are the entities that were subjected to cyber attacks during the period between May last year and as late as February this year.
“The Chinese actors have reportedly used either spear phishing, Drive via Download or exploiting known vulnerabilities present in public facing applications as an initial entry mode to compromise the enterprise network,” says the note dated March 10 sent to the Ministry of Road Transport & Highways (MoRTH) with copies to the Intelligence Bureau, Research & Analysis Wing and the National Security Council Secretariat. “The Ministry has advised departments and organisations under transport sector to strengthen the security posture of their infrastructure. Accordingly, NIC, NHAI, NHIDCL, IRC, IAHE, State PWDs, testing agencies and automobile manufacturers have been requested to conduct the security audit of the entire IT system by CERT-In certified agencies on a regular basis and take all actions as per their recommendations,” the Ministry said in a reply to BusinessLine.
The report adds that recent attacks on India’s various power assets were also linked to Chinese hackers.
(Picture – Yay Images)