New Delhi: Ransomware group Storms targeted and stole sensitive data of several Indian companies including Cement Corp of India Ltd and city-based rental and services firm First Floppy, according to a new report by CloudSec.
According to CloudSec, the group also claimed to have breached sensitive internal data belonging to private sector bank, IDFC First and multinational industrial conglomerate Godrej Group – both of which happened in January this year.
The services of the First Floppy website appear to be functional and in working condition at the time of publication of the report.
Ransomware is a specific type of malware, or code written to breach Internet-connected computers. Using ransomware, hacking groups can block a user’s access to a single computer, or an organization’s access to their entire information technology (IT) infrastructure. Specific hacking groups have used ransomware to gain financial leverage, with companies around the world looking for ways to mitigate this threat with additional data backup, cyber insurance and managed security services.
According to CloudSec, Stormus also claimed to have hacked the source code of First Floppy’s website, and gained access to sensitive information. In previous cases, sporadic sources claimed that Storms was successful in stealing information such as bank statements and identity details from IDFC First, while similar internal data was also stolen from Godrej Group. For the latter, CloudSec stated that the ransomware group demanded payment of $700,000 (approx. 5.5 crores).
Neither IDFC First nor Godrej Group has issued a statement regarding the alleged violation.
Stormus, a pro-Russian ransomware group, is believed to have previously claimed to have stolen more than 160GB of sensitive data from within global beverage company Coca-Cola. In April, the company demanded a ransom of around $65,000 in bitcoin for anyone wishing to purchase a data dump from its dark web store.
While Coca-Cola said in April that it was investigating whether it suffered a data breach, cyber experts raised questions about the veracity of Storms’ claims. Many had suggested that the group may have been exaggerating their claims, led by the much lower price at which they were willing to sell the hacked data.
In India, ransomware attacks have seen a spurt in recent times. On 27 May, SpiceJet, an Indian private airline, admitted that it faced ransomware attacks, which led to several flight delays and cancellations the next day.
In an interview with Mint last month, Chief Information Security Officer (CISO) at public sector undertaking ONGC, N. Raman said the growing demand to connect the company’s critical operational infrastructure – such as an oil rig to an oil exploration company – is leading to an naturally expected increase in cyber attackers looking to take advantage of this opportunity.
Several cyber security reports have also highlighted this. In March this year, US-based cybersecurity Palo Alto Networks said that during the past year, the amount of ransomware attacks on Indian companies has tripled year-on-year – demonstrating a clear threat to data security. That modern ransomware tools offer to enterprises. Are rapidly digitizing their efforts.