More than 100 computers were compromised of NIC in India. . Affected systems are containing the data related to national security, VVIP like PM Modi, Indian Citizens, National Security Advisor Ajit Doval and other. As per the news resources.
This incident is happened in early Sept 2020 by a Phishing email which received by an Employee of Meity (Ministry of Electronics and Information Technology). After downloading the attachment, data was deleted from the system and spread to the other systems as it is an malware functionality. Employees has reported this incident to Delhi police in early of Sept 2020
A case is opened with Special cell of Delhi police and investigating of further compromise details. But As per Delhi special cell primary investigation report, only one system got affected, No harm on the network or other critical systems, by IP address tracing found Email is sent to an Bengaluru based IT Firm using a proxy server from the U.S.
“We have registered a complaint based on the NIC staffer’s complaint and are investigating it,” a Special Cell official said. Source- News
Primary suspect of allegations against the Zhenhua Data Information of Chinese company as he is conducting surveillance on Indian Citizens, Including PM, Home minister and army chief but China Gov has denied the connection with this IT firm. News
Source said, Indian Government has constituted a expert committee under National Cyber Security Coordinator, The committee has to submit this report within 30 days.
For your information- NIC is a part of the Ministry of Electronics and Information Technology (Meity). Which provide and handle infrastructure and security service to the delivery of Indian Government IT Services.
Nowadays, Phishing is an easiest way o enter in any organization. These incidents happened lack of awareness about the social attacks. Every domain organizations like Finiance, IT, Government, Hospitals, real stats etc must take Cyber Security seriously and need to educate the end users with the social engineering attacks. Because a one click can lead to data breach for organizations.