Hindustan Times ST (Mumbai) - HT Navi Mumbai Live
Cyberattacks rise at oil cos as hackers up their game
NEW DELHI: A major cyberattack hit state-run Oil India Ltd on 13 April, targeting its Assam facility’s information technology (IT) systems. The company said the attack did not affect operations; however, media reports claimed that hackers demanded $7.5 million from the oil producer.
In a regulatory filing, Oil India said it has taken the necessary precautions.
Oil India isn’t alone. According to CyberPeace Foundation, a civil society organization, nearly 360,000 attacks on Indian oil companies were detected by threat intelligence sensors deployed to analyze real-time cyberthreats between 1 October and 12 April. Its study said 19,342 threats were detected in February, the least in this period. October had the highest number of attacks at 117,000.
The study was part of CyberPeace Foundation’s eKawach programme, under which it partnered with Autobot Infosec Pvt. Ltd and CyberPeace Center of Excellence (CCoE) to deploy the SCADA Critical Information
Infrastructure threat intelligence sensors, which are industrial control systems deployed on critical infrastructure.
A spokesperson for CyberPeace Foundation said, “Deploying the simulated network will play a key role in collecting data on attack patterns, different types of attack vectors for the different protocols, and the recent malicious activities.” An attack vector is a method used by hackers to exploit vulnerabilities and infiltrate a system or network.
The study signals the growing number of cyberattacks on the critical infrastructure of companies in India. Such attacks have increased in the past year worldwide as well. Several US firms, including Colonial Pipeline and JBS Foods, were hit by ransomware attacks in 2021.
This month, UK-based cybersecurity firm Recorded Future warned about a Chinese statebacked threat campaign targeting power companies in India. It had flagged similar attacks on power grids in the country in February.
“In recent months, we observed likely network intrusions targeting at least seven
Indian state load despatch centres (SLDCs) responsible for carrying out real-time operations for grid control and electricity dispatch within these respective states,” the security firm said in a blog post on 6 April. It added that SLDCs were located in north India and in proximity to the disputed Indo-China border in Ladakh.
Last year, the firm said a Chinese state-backed hacker group called RedEcho had targeted power grids in India. “This latest set of intrusions, however, is composed of an almost entirely different set of victim organizations. In addition to the targeting of power grid assets, we also identified the compromise of a national emergency response system and the Indian subsidiary of a multinational logistics firm by the same threat activity group,” the company said in its post.