IIT Madras Server Shutdown Raises Cyberattack Alarm; Microsoft To Intervene

In what could be yet another incident of cyberattack, computer servers of the Indian Institute of Technology, Madras (IIT-M) went down on Monday (February 17), which in turn also impacted email services of prominent engineering institute of the country.

IIT-M now has now partnered with tech giant Microsoft which will help the institute to get access to the server again. On Wednesday, IIT-M said that the institute is investigating the reason behind the server shutdown. “The Institute has a back-up for the email system and will restore the system soon,“ an IIT-M professor was quoted as saying by ET.

The professor further added that the institute has set up an investigative team which includes senior officials of IIT-M and Microsoft engineers to get to the root cause of the server shut down. While there were speculations of a cyber attack, the professor said that the reason behind the server shut down is unknown till now.

Has IIT-Madras Joined India’s Cyberattacks Gallery?

According to a new Data Security Council of India (DSCI) report, India had the second-highest incidence of cybersecurity attacks between 2016 and 2018. Moreover, the average cost for a data breach in India has risen 7.9% since 2017, with the average cost per breached record amounting to INR 4,552 ($64).

Recently, the Nuclear Power Corporation of India Ltd (NPCIL) had confirmed that its system at the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu was affected by malware in October last year. At that time, there were speculations that the cyber attack was orchestrated by ‘Dtrack’ malware.

Notably, Dtrack is a virus used by North Korea-based hacker group Lazarus. Prior to this, Dtrack was used in the past to attack financial and research centres in India, and its variant ATMDtrack was designed to hack ATMs in India.

Another spyware which made headlines last year was Pegasus which was used to snoop around over Whatsapp data of around 1,400 users, including 121 in India. The Pegasus scandal even gained traction in the media after it was found that authorities sitting in Saudi Arabia used Pegasus to snoop personal data of Amazon’s founder and CEO Jeff Bezos.

Earlier in July 2019, two security loopholes were discovered in Mumbai-based hyperlocal search engine Justdial’s database that was said to have exposed user data from over 100 Mn users.

Other Indian startups which have also witnessed data breach cases include fintech company EarlySalary, foodtech unicorn Zomato, foodtech startup FreshMenu and travel platform Ixigo.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.