State Owned Hydrocarbon Producer Hit By Malware For Bitcoin Gains
As India’s second largest hydrocarbon producer, it was a rude shock to find out that you had bit a victim of cyber crime where hackers are actually demanding some 196 bitcoins.
This facility happens to be the Oil India Limited (OIL) that is a state-run hydrocarbon explorer headquartered in the north-eastern state of Assam. Earlier on, suspected Chinese hackers were trying to attack the Indian power grid near the Ladakh border. This could be a part of a larger espionage operation where the hack is a façade to gather critical intelligence that could comprise India’s defense systems and other interconnected systems.
The State level hackers are currently demanding a ransom that amounts to Rs. 61 crores. According to a statement from the company’s spokesperson Tridiv Hazarika, while the breach is serious and the virus is severe, the company has disabled the affected systems as a precautionary measure. The vector used in the cyberattack is still under investigation and therefore could spread to the other servers.
The discovery of the Chinese hacking activity was unearthed by an intelligence firm called Recorded Future. The same firm has also discovered how a Chinese malware had been found pervading the Indian power grid months after the Galwan valley clashes broke out in 2020.
Meanwhile, Mumbai, India’s financial capital and amongst the worst-hit regions during the first wave of the COVID-19 pandemic suffered a city-wide blackout. This forced hospitals across the city to switch to emergency generators to keep critical life support systems functioning. Currently, production and drilling for OIL remains unaffected. Luckily, as the systems were infected, they went offline as well. The cyber-attack was done by using malicious software to encrypt OIL’s systems, Hazarika has added. He further added that, “The software which handles the key business functions of OIL in Duliajan like payments to vendors and contractors also hasn’t been affected and is functioning as usual.”