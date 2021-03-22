The note added that Chinese actors either used spear phishing, Drive via Download or exploited known vulnerabilities in public facing applications to gain initial entry and compromise the enterprise network. (Representative Image)

The Ministry of Road Transport and Highways (MoRTH) has received an alert from the Indian Computer Emergency Response Team (CERT-In) in relation to possible cyber attacks targeted at the Indian transport sector.

In response, the ministry alerted the National Highways Authority of India (NHAI), the National Highways and Infrastructure Development Corporation (NHIDCL) and other wings on March 21 to augments their information technology systems, PTI reported.

Automakers have also been alerted about possible cyber-attacks.

In a statement, the ministry said it received an alert from CERT-In in regards to targeted intrusion activities directed towards the Indian transport sector with possible malicious intentions.

“The Ministry has advised departments and organisations under transport sector to strengthen the security posture of their infrastructure," it added.

Consequently, agencies like the NHAI, NHIDCL, state public works departments (PWDs), Indian Road Congress (IRC), Indian Academy of Highway Engineers (IAHE), testing agencies and automobile manufacturers have been requested to conduct security audit of the entire IT system by CERT-In certified agencies.

The ministry has also advised all concerned departments to conduct such security audits “on a regular basis” and take all actions as per recommendations. Further, the audit reports and action taken reports are to be regularly submitted to the ministry.

The recent cyber-security threat comes after the NHAI reported a cyber-attack on its email server in June 2020. It had then said that prompt action resulted in no data loss and shut its server as a precaution.

The CERT-In note to the ministry was sent to the Ministry of Electronics & Information Technology (MeitY) on March 10, Hindu BusinessLine reported.

The note stated: “CERT-In observed continued targeted intrusion activities from Chinese state-sponsored actors towards Indian transport sector with the possible intention to collect intelligence and conduct cyber espionage. The notable threat actors such as APT41/Barium, Tonto Team, APT101 StonePanda, APT15/K3yChang, APT27/Emissary Panda, Winnti groups & RedEcho have been targeting organisations across a range of industries aligned with the national strategic goals of the Chinese national policy priorities.”

Moneycontrol could not independently verify contents of the note.

As per the note, parties targeted by the cyber-attacks conducted between May 2020 and February 2021, include NHAI, Centre for Railway Information Systems (CRIS), Dedicated Freight Corridor Corporation of India (DFCCIL), Indian Railway Catering and Tourism Corporation (IRCTC), Roads & Building Department, Andhra Pradesh, Rail India Technical and Economic Service (RITES) and Tata Motors.

The note added that Chinese actors either used spear phishing, Drive via Download or exploited known vulnerabilities in public facing applications to gain initial entry and compromise the enterprise network.

Copies of the note were also sent to the MoRTH, the Intelligence Bureau (IB), Research & Analysis Wing and the National Security Council Secretariat.

CERT-In and MeitY did not respond to queries, as per the HBL report.

The report also recalled recent attacks on India’s power assets which were linked to Chinese hackers, and multiple cyber-attacks on Microsoft’s ‘Exchange Server’ customers.

