National Internet Exchange of India (NIXI) which manages India specific .in domain through Indian Registry for Internet Names and Numbers (IRINN) has accepted that hackers have been able to collect basic profile information of the contact persons of some of the affiliates but stressed that hacker can't cause any damage or initiate distributed denial of service (DDoS) to any entity who has been allocated Internet resources through IRINN System.
In a statement issued late evening on Tuesday, NIXI said, “There was an attempt to penetrate the system and hacker was able to collect some basic profile information of the contact persons of some of the affiliates which was displayed by him on the darknet.” But it also clarify that there has been no serious security breach of its IRINN system, as it has a robust security protocol in place. “The hacker has no capacity to cause any damage or initiate distributed denial of service to any entity who has been allocated Internet resources through IRINN System,” claimed NIXI.
NIXI also reiterated that the existing security protocol that it has is robust and capable in countering such attacks. However, following this breach, security protocol has been further strengthened and review of existing infrastructure has also been initiated. “We assure our affiliates and all concerned that our system is secured and security protocol in practice is capable of handling such attacks. The claim by the actor of Dark Net is audacious and far from truth,” said NIXI.
On September 29, Seqrite Cyber Intelligence Labs along with its partner seQtree InfoServices has tracked an advertisement on DarkNet announcing secret access to the servers and database dump of over 6000 Indian businesses – ISPs, government and private organisations. The hacker has priced the information at 15 Bitcoins and is offering network takedown of affected organisations for an unspecified amount. Company notified this development to the Indian government and also wrote a detailed blog on how this data was being sold in darknet platform.
On September 30, online news portal medianama reported this incident but major media houses did not pick the story. On Tuesday, cyberfirm parent company, Quick Heal Technologies Limited issued the press release stating the development, forcing the NIXI to offer the explanation.