Since June, cyber attackers have been mimicking a website belonging to the Defence Research and Development Organisation (DRDO) and infiltrating various government organisations, including defense establishments, to collect official data, per an advisory accessed by Moneycontrol.
This is yet another instance of a cyber attack targeting Indian government officials, due to the sensitivity of the data entrusted with these employees on a regular basis.
In this instance, the malicious website was made in the garb of a "defence cyber exercise" and attempts to contact officials were being made from a compromised NIC email id, the government advisory said.
"Recently it has come to notice that a phishing URL...mimicking the website of DRDO is in mass circulation since 03 June 2023 (sic) with various sensitive government organisations including defence establishments to harvest the NIC credentials of government officials under the pretext of Defence Cyber Exercise...," the July 14 advisory read.
More importantly, this is not the first time that DRDO has been targeted by threat actors. A few months back, a DRDO employee was arrested after he allegedly divulged secrets after falling victim to a honey trap.
As it happens, Moneycontrol earlier reported, that government organisations were targeted by malware-laden emails disguised as recommendations on how to prevent honey trapping.
The July 14 advisory, also had details of malicious IP addresses from where these attacks originated and listed compromised email IDs from where these messages were coming.
"Block the suspicious URLs and the IPs mentioned at.. perimeter security devices (sic). Sensitise all personnel.. regarding these phishing campaigns along with modus operandi and advise them not to enter their NIC login credentials when redirected login page appears," the government advised officials in the circular.
Moneycontrol has reached out to DRDO requesting their comment on the matter and the story will be updated when a response is received.
Additionally, it is not just defence bodies that are being targeted among government organisations. Moneycontrol also reported how the government has detected a "new wave of cyber attack campaign" where China-based threat actors have been targeting government bodies, such as the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
