Cyber threat: Transport ministry tells highways authorities, auto makers to strengthen IT systems
The directive followed a Cert-In alert regarding ‘targeted intrusion activities directed towards Indian Transport sector with possible malicious intentions’.
The Union transport ministry on Sunday alerted highways authorities and automobile makers about a possible cyber attack and asked them to strengthen their information technology systems.
The Ministry of Road Transport and Highways issued the directive after it received an alert from the Indian Computer Emergency Response Team (Cert-In) regarding “targeted intrusion activities directed towards Indian Transport sector with possible malicious intentions”. The ministry then advised departments and organisations under the transport sector to “strengthen the security posture of their infrastructure”.
Accordingly, the National Informatics Centre, the National Highways Authority of India, the National Highways and Infrastructure Development Corporation, the Indian Road Congress, the Indian Academy of Highway Engineers, state Public Works Departments, testing agencies and automobile manufacturers have been asked to conduct the security audit of their IT systems by CERT-In certified agencies. “The audit report and the ATR to be regularly submitted to the Ministry,” the ministry said in a statement.
The NHAI had reported a cyber security attack in June. It had said that prompt action at that time resulted in no loss of data.
The latest alert came amid reports of possible cyber security attacks on domains in India over the past few months, according to the Hindustan Times. In February, phishing emails reportedly attempted to target officials using government emails such as @gov.in or @nic.in. The devices of some former defence personnel may also have been compromised in similar phishing attacks, according to the report.
Earlier in March, a report released by a United States-based firm suggested that a Chinese cyber campaign targeted India’s power grid, resulting in a power blackout that brought India’s financial capital Mumbai to a standstill in October. The Ministry of Power had confirmed that it was aware of the Chinese cyber campaign to use malware to target India’s power network. However, it said that there was no data breach due to the incidents.