Hacked data from India’s NIXI IRINN up for sale on darknet; cybersecurity expert warns of misuse

A cyber security company Seqrite, along with its partner seQtree on 29th September, discovered a possible breach at India’s National Internet Registry and notified it to the Indian government.

Must Read

Why cybersecurity threats have increased during Covid-19 pandemic

Cybersecurity industry has never had more significant task to carry out than guarding strategic associations and businesses from digital assaults during the coronavirus pandemic

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

Ensuring brand protection against cyber attacks

Companies across all industries and sizes must make sure that they are protected and safeguarded against all forms of cyberattacks today

A cyber security company Seqrite, along with its partner seQtree on September 29 discovered a possible breach at India’s National Internet Registry and notified it to the Indian government. The company in their blog said that they discovered about the breach via an advertisement that the hackers had apparently had put up as – “access to the servers and database dump of an unspecified Internet Registry” on a darknet platform. Upon further research and interacting with the seller, the team confirmed that the breach was legitimate and the unspecified registry was when they discovered critical data of some of the most important and high-profile organizations of India.

Indian Registry for Internet Names and Numbers (IRINN) provides allocation and registration services of IP addresses (the internet address used by devices to reach other devices on the internet) and Autonomous System numbers. It comes under NIXI (National Internet Exchange of India) which “is the neutral meeting point of the ISPs in India with the primary objective being the facilitation of exchange of domestic Internet traffic between peering ISP members.” – reads their website.

The dealer, during a conversation with the security team which was posing as an interested buyer, said “In client Database you can get username, email ids, passwords, organisation name, invoices/billing documents, and few more important fields. You can also control IP range of respective organisation. You can entirely shut down that organisation.

“Disrupting the internet is one small part of the real risks if the data falls into wrong hands. If exploited, a malicious user could infect even the most trusted and secured websites & servers to display real looking, backdoored pages and steal critical information of hundreds of millions of Indians,” said Ankush Johar, Director of BugsBounty.com – A crowd-sourced security platform for ethical hackers and organisations.

“This is a big wakeup call for the government of India suggesting that the present security mechanisms might not be enough to safeguard the citizens of the country,” he added.

“Learning from other governments overseas might do the job for India too. It’s time to crowdsource the security of such critical applications because it’s simply better to have ten thousand ethical hackers to verify the security instead of a few hundred security analysts and all this can be done via bug bounty programs that allow efficient utilization of ethical hackers in India. Even The US Army and The US Navy have successfully conducted bug bounty programs in the past, now it’s time for Indian organisations to open up to crowd-sourced security”

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Related Articles