National Informatics Centre, which manages the IT infrastructure of the Indian government, was subjected to a cyber attack perpetrated allegedly by Chinese government-backed hackers, said a report by cybersecurity company Recorded Future.
The report said that the hackers, RedAlpha, targeted NIC and other governments across the world, news publications, and think tanks, and sought access to email accounts and other online communications associated with the organisations.
“The group has also consistently spoofed login pages for India’s National Informatics Centre (NIC), which manages wider IT infrastructure and services for the Indian government,” said the report by Recorded Future.
Log-in pages of NIC are specifically kept for key government officials. Parliamentarians, ministers, and other officials of the government all have email ids associated with the NIC domain name.
“These (spoofed) domains typically imitate well-known email service providers and spoof specific organisations that are either directly targeted in RedAlpha activity or that can be used to impersonate those organisations in activity targeting proximate organisations and individuals,” it read.
Spoofed login page of NIC | Source: Recorded Future report
Details entered into these spoofed websites or login pages steal credentials and could be used to gain unauthorised access into systems.
Moneycontrol has reached out to NIC with further queries in this regard, and the post will be updated when we receive a response.
The publication had also earlier reported how NIC was looking to tie up with private players, to amp up cybersecurity. While looking for such players, NIC had categorised dealing with cybersecurity as a ‘challenge’.
Apart from NIC, other targeted organisations include International Federation for Human Rights (FIDH), Amnesty International, the Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), and the American Institute in Taiwan (AIT), among others.
This development comes a month after the Indian Computer Emergency Response Team’s (CERT-In) cybersecurity directions came into force.
These norms, which have to be followed not just by corporates but also by government organisations, come with added compliance requirements such as a shorter cybersecurity reporting mandate.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
