MIDC server hacked, hacker demands Rs 500 crore
Published on: Thursday 01-04-2021

March 2021 – A case of server hacking at the Maharashtra Industrial Development Corporation (MIDC) has recently come to light. The ransomware ‘SYNack’ affected the application and database servers hosted at the MIDC headquarters in Mumbai by encrypting the information stored on these servers. Hackers have mailed a demand of Rs 500 crore to MIDC's official mail ID, sources said.
The server was hacked last Monday, and as a result the work of all 16 regional offices of MIDC has come to a complete halt. It is being said that, in a message to MIDC's official mail ID, the hacker asked for Rs 500 crore and said that if the money is not paid, all the data will be deleted. The server holds information about all the schemes and industries of MIDC. It is an online system.
If the information received from the sources is to be believed, the virus appears on the system as soon as an MIDC computer is started. In such a situation, if anyone enters the system, all the data will be destroyed. The malware also infected some desktop PCs across various MIDC office locations. The attackers had attached a ransom note giving details of the attack and the steps to be taken to contact them for decryption of the information.
However, no amount was directly mentioned in the ransom note, according to a statement issued by the MIDC. After the hack, all 16 regional offices in the state, including the head office in Mumbai, have been shut down. The complete data of all the industrial estates, entrepreneurs, government entities, and various schemes related to MIDC is available on an online system. All work has been at a halt since last Monday, after the hack.
The MIDC approached the police, after which the Cyber Crime Police started their probe into the hacking incident. A statement issued by the MIDC read, "On Sunday, March 21, at around 2:30 AM, we received automated alerts that our applications were down. On further analysis during the day, the ransomware attack was confirmed. MIDC's applications are hosted on ESDS cloud (services managed by ESDS, Cloud Service Provider) and local servers (managed by MIDC internal team). We have a Trend Micro anti-virus license for end-point security monitoring. The details of the ransomware were shared with Trend Micro for further analysis."
"As an immediate measure, the MIDC systems were disconnected from the network to contain the spread of the virus. The backup files for different application servers were stored on a different network segment on Cloud DC and were not infected. As per the recommendations from Cyber Security experts, several steps are being taken to control the spread of the virus and minimise the impact," the statement read further.