ISRO warned of a possible cyberattack when Dtrack came calling

BENGALURU: India’s space agency received an alert of a possible cyberattack on its systems early this year, which analysts said was through phishing emails targeted at senior officials.

An Indian Space Research Organisation official confirmed that an alert was received from the Computer Emergency Response Team, India (CERT-In), but the space agency was not affected. The alert came around the time of the Chandrayaan-2 mission.

Yash Kadakia, founder of Mumbaibased cyber security firm Security Brigade, said that he had evidence of emails with malware sent to the five government agencies, including Isro, from suspected North Korean hackers. “They targeted senior officials with emails that had malware attachments relevant to their subject,” Kakadia said.

He suspected that the malware, if successfully installed, could have hijacked the email identity of the recipient and in turn be used to send mails to juniors.

Last month, the Nuclear Power Corporation of India’s Kudankulam nuclear plant said there was a cyberattack on its systems.

The malware, identified as Dtrack, was used to breach the domain controllers of the nuclear plant. The malware has the ability to access files and upload the entire data into a remote network outside of India.