Central agencies reach Doon to investigate
Wednesday, 09 October 2024 | PNS | DEHRADUN
Hackers demanded a ransom from the State authorities for restoring access to critical government data after a recent cyberattack on the State government’s cyber network in Uttarakhand. The breach which took place on October 2 crippled several key government websites and online services, following which the authorities launched an immediate probe and other measures. The hackers reportedly left a message on the servers of the State’s Information Technology Development Agency (ITDA), demanding payment in exchange for the secure recovery of the data they had claimed to have seized. However, the inspector general of police (Crime, Law and Order) Nilesh Anand Bharne claimed that the authorities did not entertain this demand and restored the data after ensuring that all sites are safe and secure to use. A Special Investigation Team (SIT) has been formed to investigate the whole matter.
The central agencies, including the Indian Cyber Crime Coordination Centre (I4C), National Investigation Agency (NIA), CERT-IN, and the National Critical Information Infrastructure Protection Centre (NCIIPC), have also reached Dehradun to help in the investigation, Bharne said. He informed in a Press conference on Tuesday that the breach occurred during a narrow 10-minute window between 2:45 PM and 2:55 PM on October 2, disrupting the Crime and Criminal Tracking Network and System (CCTNS) project at the Uttarakhand State Data Centre. ITDA officials discovered the server had been hacked after all systems abruptly shut down, the IG said. He stated that the hackers left a message in Notepad on every server’s folder, providing an email address for communication and threatening to keep the data hostage unless a ransom was paid.
The cyber team of the Uttarakhand Special Task Force (STF) led by deputy superintendent of police Ankush Mishra and inspector Vikas Bhardwaj reached the scene to launch legal and technical investigations. “They worked closely with ITDA staff to assist in restoring IT systems. The team successfully recovered vital digital logs, virus files and other evidence from the compromised servers. A forensic copy of the affected systems is being sent for further analysis to uncover how the virus infiltrated the system. It is possible that it was not a cyberattack- the virus may have entered the system through an unauthorised application,” Bharne said. He also informed that the Cyber Crime Police Station has filed an FIR, invoking sections of the Information Technology Act regarding unauthorised access and system tampering.
The deputy inspector general of STF Senthil Avoodai Krishna Raj S also stated that the suspected cyberattack has sparked fears of widespread data vulnerability within the State’s infrastructure, but the STF special team and ITDA’s cyber experts have been working tirelessly to reinforce cyber security measures. “We lost nothing in this alleged attack except some time. The central agencies also praised the State authorities for quick intervention that helped prevent further damage to government services,” he said. He also clarified that since October 2, the authorities stopped several websites and were analysing and scanning the whole system to ensure safety and security before resuming them. It was being done as a safety measure. He said that as investigations continue, the collaboration between central agencies and local authorities is expected to not only track down the perpetrators but also provide key insights to safeguard against future cyberattacks.
