Recently, Seqrite Labs and seQtree Infoservices in India tracked a DarkWeb advertisement for the sale of stolen data from over 6000 Indian organizations, including government agencies, private companies, and ISPs. In addition to selling information, the attacker claims to be able to take out the network of any of these breached companies, for a price. Allegedly, they can corrupt the IP allocation pool, rendering the system unable to function. If true, this is very disturbing news for all these organizations, but most of all for the Asia Pacific Network Information Center (APNIC), which investigators are all but certain has been compromised by these attacks. They have ascertained this by posing as a potential buyer online and obtaining sample e-mail lists. As for the identity of the attacker, it seems the persona being used was just created recently, a more and more common tactic used by cyber criminals. If a network damaging attack were to be performed on IRINN, an ISP identified as being breached, it could have catastrophic effects on IP allocation and therefore internet access in India.
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
Fraser G says
Matt-
Interesting article. I wonder what effect this will have on all of the outsourced IT to that region? Also, when are we going to start hearing from about breaches from compromised organizations first, and not from the stolen data providers?
Fraser