If you thought the last decade was the pinnacle of email phishing attacks, you had better think again. An independent researcher in India has blown the whistle on the likely possibility that the email accounts of around thirty thousand employees working in high-profile parastatals have been compromised.
The researcher, Sai Krishna Kothapalli, is the founder of a cybersecurity and threat detection company called Hackrew. He analyzed the breaches for about six years, after which he compiled a report of the stolen information, which was sourced from the dark web.
Some of the organisations whose employees fell victim to these hacks include the Indira Gandhi Centre of Atomic Research (IGCAR), the Securities and Exchange Board of India (SEBI) and the Indian Space Research Organisation (ISRO). According to Mr. Kothapalli, 3202 government accounts were compromised and their login credentials (password and account number) were available on the darknet. The researchers marveled at the magnitude of the attack.
Given that the bulk of the hacked government accounts belonged to atomic energy parastatals, there is a belief that the attacker was particularly interested in gaining high-privilege atomic energy intelligence. The stolen information was quite bulky and largely disorganized. For this reason, Mr. Kothapalli advised that a large-scale clean-up is needed before further analysis.
For this to happen, the accounts’ email addresses needed to be paired with their passwords for there to be clear matches.
To cross-check Mr. Kothapalli’s findings, the data was run through a third-party threat-detection website known as “Have I Been Pwned”, which confirmed them.
Mr. Kothapalli identified that most of the compromised details were in plain text. This means that the credentials have not only been stolen but are also readable as they stand, so any website or service where the same credentials are used to log in also has a high probability of being compromised.
When asked about the gravity of the hack, the Department of Atomic Energy, Mumbai gave a rather lackluster reaction, with comments like “It is old news” being thrown in the air. The watered-down tone of this reaction gave the impression of a lack of transparency.
The researcher says that he is in the final stages of his investigation and that, once it is completed, he will alert the relevant authorities.
The online community is reminded that such damaging occurrences call for solid security measures to safeguard our online safety. He challenges users that the time to incorporate two-factor authentication in the accounts of sensitive individuals is now. To conclude, Mr. Kothapalli says that an additional measure for a strong level of online security is to employ a password manager and set different login credentials on different sites.
Feb 01, 2020
Email Accounts of Top Government Officials Found on the Dark Web
