The server of Maharashtra Industrial Development Corporation was hacked recently. The ransomware ‘SYNack’ impacted the applications and database servers hosted at the MIDC headquarters in Mumbai by encrypting the data stored in these servers.
The malware also infected some desktop PCs across different office locations of the MIDC. The attackers had attached a ransom note giving details of the attack and the steps needed to be taken to approach them for decryption of data. However, no amount was directly mentioned in the ransom note, a statement issued by the MIDC stated.
The MIDC approached the police after which the Cyber Crime Police initiated their probe into the hacking incident," joint commissioner of police, crime, Milind Bharambe confirmed to the FPJ.
A statement issued by the MIDC read, "On Sunday, March 21, at around 2:30 AM, we received automated alerts that our applications were down. On further analysis during the day, the ransomware attack was confirmed. MIDC’s applications are hosted on ESDS cloud (services managed by ESDS, Cloud
Service Provider) and local servers (managed by MIDC internal team). We have Trend Micro anti-virus license for end-point security monitoring. The details of the ransomware were shared with Trend Micro for further analysis."
"As an immediate measure, the MIDC systems were disconnected from the network to contain the spread of the virus. The backup files for different application servers were stored on a different network segment on Cloud DC and were not infected. As per the recommendations from Cyber Security experts, several steps are being taken to control the spread of virus and minimize the impact," the statement read further.