Cybersecurity experts Seqrite Cyber Intelligence Labs and seQtree InfoServices have found an advertisement on DarkNet announcing secret access to servers and database of more than 6,000 Indian companies. The hackers have priced the information at 15 Bitcoins and offer to take down the network of affected companies for an unspecified amount.
On further probe, the cybersecurity experts found the affected organisation as Indian Registry for Internet Names and Numbers (IRINN), which comes under National Internet Exchange of India (NIXI).
The security experts have now reached out to government authorities and Asia Pacific Network Information Centre (APNIC) and asked them to alert the affected firms and suggest them to change passwords.
They also asked the authorities to recommend the affected companies to get their servers and systems replaced with latest updates.
According to experts, the hackers claim to have the ability to destroy the Internet Protocol (IP) allocation pool, that could pose a severe threat like Denial of Service (DoS). This could lead to various Content Delivery Network (CDN) issues as well.
If the hacker is able to crack a potential buyer, then there are high chances of an attack on the system which could disrupt IP allocation and further act as a serious risk for the overall Internet services in India.
The hacker is selling credentials, Personally Identifiable Information (PII), which is any data that could potentially identify a specific individual and various contractual business documents. The hackers also claim to have access to huge database of Asia Pacific Network Information Centre (APNIC)
Reports suggest that the hackers have shared a list of more than 6,000 compromised emails from key Indian companies and government agencies.
Earlier this year, Indian companies and government institutions were also hit by massive WannaCry ransomware attack that affected several banks, manufacturing companies, multinational firms and personal computers of Andhra Pradesh Police.
However, the present breach came after the Ministry of Electronics and Information Technology released a notification to give more preference to the Indian cyber security solution providers.
The companies, however, have been warned by the regulators to improve their cybersecurity, because of the risks they can pose to the whole sector.