The Delhi Police’s Special Cell has filed an FIR on a malware attack on one of the computers of National Informatics Centre. The FIR was registered in the first week of September and the investigation is now ongoing. According to sources, a complaint from one NIC staff member was received by the police. The complaint was about a malware attack which could have possibly affected and shown vulnerabilities in several computers of the NIC and the Ministry of Electronics and Information Technology (MeitY}. Such threats, in turn, may expose significant risks to data security in critical sectors.
As for this malware and how it affected the system, the registered complaint mentioned that an employee at MeitY had received an email. Upon clicking the attachment, the malware got seemingly enabled, leading to data getting deleted from the system. Further inspection revealed that it was a case of malware affecting the system. According to police sources, it so appears that the malware did not affect networks at NIC, but was instead confined to one particular PC, only. Police sources further claimed that there has been no data loss as a result of the malware, but investigation on the matter will be ongoing.
So far, investigation has revealed that the malware email was sent from an American account, routed through a proxy server through a Bengaluru IT firm. It now remains to be seen what the investigation reveals, and what steps are further adopted to reinforce more stringent cyber security standards in official departments. Malware and other targeted cyber attacks have been seeing a steady rise over the past few years, leading to more targets in government and other official sectors as well.
In recent times, state sponsored cyber espionage and cyber attacks have been seemingly on the rise, as cyber warfare keeps forming an increasingly important part of hybrid warfare strategies. Indian government sectors have been reported to be working towards increasing their cyber security standards, and the newly reported malware attack highlights a key reason behind the need for increased importance of cyber security in critical sectors.