India’s cyber security agency, the Computer Emergency Response Team (CERT-In), has traced cyber attacks on the National Highway Authority of India (NHAI) to unknown IP addresses in Hong Kong and Taiwan, according to a Times of India report.
NHAI’s server was attacked by malware as part of a Maze ransomware attack back in June, according to media reports.
CERT-In has been assessing the malware attack and has found major gaps in the highway authority’s security system, according to the
NHAI has been advised to disable VPN accounts with suspicious activity, replace active directory server and block malicious IPs as an immediate security measure, the report said.