STOCK MARKET BSE NSE

TN govt systems under cyber attack, probe on

The Tamil Nadu government’s Public Department is said to have come under a ransomware attack, wherein a malware was used to encrypt computer files.

Published: 19th September 2021 04:35 AM  |   Last Updated: 19th September 2021 04:35 AM   |  A+A-

hacking, snooping, cyber crime

Representational Image

Express News Service

CHENNAI: The Tamil Nadu government’s Public Department is said to have come under a ransomware attack, wherein a malware was used to encrypt computer files. It is learnt the suspect reportedly demanded a payment of $1,950 in cryptocurrency as ransom for handing over the decryption code.

The department functions directly under the Chief Secretary and deals with important matters concerning the general administration of the State. It also handles protocol arrangements relating to visits of VVIPs, VIPs, and other dignitaries, and matters of common interest between the Central and State governments, besides handling law and order issues.

While officials maintained that none of the confidential files were lost as they were handled manually, they refused to confirm or divulge the sum demanded by the hacker, and said it was immaterial. A top official from the Information Technology department confirmed the attack, and said, “We are at it and trying to get back the access.” Cyber security experts from the Centre for Development of Advance Computing (C-DAC) and Indian Computer Emergency Response Team (CERT-In) are trying to retrieve the documents.

Meanwhile, the public department has lodged a complaint with the cyber cell. “Something happened to the computers in the Special-B section,” an official said, adding that no file has been lost due to the attack. “This department maintains confidential files only in papers. For government records, normally we will be taking a backup,” he added.

Explaining how confidential files are maintained, the official said, “e-Governance or e-Office will not apply to the confidential section. Even approvals are given manually. Computers are used to key-in and take prints, and to save them in files,” he said.

‘We fear this is just the beginning’

Securin, a Chennai-based cyber security company, which investigated the attack, found one vulnerability (environment.tn.gov.in) to have been exploited by one WannaCry ransomware. It also found that over 400 public facing assets linked to the domain are vulnerable. Commenting on the investigation, Ram Movva, co-founder and chairman of cyber security works and CEO of Securin, said, “Our investigation shows very poor cyber hygiene in the State’s Public Department.

Our analysis has revealed vulnerabilities exploited by WannaCry. Over 80 assets have vulnerabilities that have Remote Code Execution and Privilege Execution capabilities.” “We fear this is just the beginning.

We have seen many government entities become targets of ransomware attacks since last year, and have warned CERT-In about the exposures that we have seen in the dark web. Continuous vulnerability scanning and an automated Attack Surface Management programme is the need of the hour for all government entities,” said Movva.

‘Very poor cyber hygiene’
Our probe shows very poor cyber hygiene in the Public Department, says Ram Movva

WannaCry under scanner
Securin, a Chennai-based cyber security company, which investigated the attack, found one vulnerability (environment.tn.gov.in) to have been exploited by one WannaCry ransomware



Comments(1)

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

  • Sharath

    Cyber security breaches have become very common these days and it is really scary to see governments being attacked! DDoS protection does seem to help for websites. Many people use Mazebolt
    1 month ago reply
flipboard facebook twitter whatsapp