|
||
Indian Petroleum Refineries Network Faces Enormous Cyber Attacks from October 2021 to April 2022: CyberPeace Foundation and Autobot Infosec | ||
New Delhi, Delhi, India The vulnerable, exposed systems that are unmonitored and facing the internet are the most attacked targets for threat actors.
Research done by CyberPeace Foundation (CPF), Autobot Infosec Private Limited, along with CyberPeace Center of Excellence (CCoE), has found that nearly 3.6 lakhs attack events have been recorded between October 2021 to April 2022 on Critical Information Infrastructure (CII) threat intelligence sensors network simulating the Petroleum Refinery network simulated by the research group in India.
The study is a part of CyberPeace Foundation’s e-Kawach program to implement a comprehensive public network and threat intelligence sensors across the country to capture internet traffic and analyze real time cyberattacks that a location or an organization faces. A credible intelligence on real-time threats empower organizations or a Country to build cybersecurity policies.
“By deploying the simulated network, we can collect data on attack patterns, the different types of attack vector for the different protocols, and the recent trends of malicious activity,” spokesperson, CyberPeace Foundation added.
Trends noticed by the research Like any other critical infrastructure worldwide, Indian critical infrastructure is also vulnerable to cyber attacks involving state & non-state actors. The SCADA Critical Information Infrastructure (CII) threat intelligence sensors network simulating the Petroleum and refinery industry deployed by the CyberPeace Foundation, Autobot Infosec Private Ltd. with the CyberPeace Center of Excellence (CCoE) partners have seen a surge in the number of cyberattacks with 359,989 hits between October 2021 to April 12th 2022.
Being Specific, In October 2021: 117633 hits In November 2021: 55871 hits In December 2021: 20714 hits In January 2022: 52598 hits In February 2022: 19342 hits In March 2022: 69998 hits In April 2022 (Till 12th): 23833 hits
The Mostly attacked protocols were FTP, HTTP, s7comm, Modbus, SNMP, BACnet.
In addition, there is an increase in the number of phishing/social engineering attacks on Indian organizations in the petroleum or refinery business, as is illustrated in the following case.
Recently, news has been making the rounds on the internet that Oil India Limited's field headquarters in Assam's Dibrugarh faced a Cyberattack with the injected malwareon their systems, asking for USD 75,00,000 as a ransom.
WhatsApp message containing fake url
In addition to this, the CPF spokesperson has also drawn attention to WhatsApp messages masquerading as an offer from Indian Oil with links luring unsuspecting users with the promise of Indian Oil fuel subsidy presents making the rounds on the app recently. If you receive such messages, try to avoid them, as they can be a scam.
A similar study has been conducted by the Research Teams, based on a WhatsApp campaign that contained a link pretending to be a gift offer from Indian Oil that asks users to participate in a survey and get a chance to win USD 2000.
Fake Congratulatory message
Warning Signs of the Campaign:
The Advisory:
|
||
|
|||||
| |||||