India’s third largest private conglomerate Aditya Birla Group was hit by a major cryptojacking attack. The incident is thought to be the first large-scale cryptojacking strike to hit India.
Subscribe to the Bitsonline YouTube channel for more great interviews featuring industry insiders & experts
As reported by Economic Times, hackers were able to infect over 2,000 computers with Monero mining malware, utilizing a significant percentage of the entire computational power of the Indian conglomerate.
Acknowledging the attack, an Aditya Birla Group spokesperson told reporters:
“Aditya Birla Group has advance threat management systems that are constantly monitoring and protecting business critical applications and infrastructure in all Businesses. Recently, the advance threat detection systems of our Group alerted us of suspicious activity on some desktop systems. Based on this, our internal team immediately carried out an investigation and deployed countermeasures to isolate and eliminate the cause of this activity.”
The Aditya Birla Group spans multiple subsidiaries with offices in forty countries. The hackers’ infiltration was first discovered last month at an overseas subsidiary. The malware then circulated to multiple computer systems. Reporting out of India suggests that the malware also made its way to some of the computer systems of the manufacturing unit of Birla Group.
“It’s a kind of attack where the primary intention of the hackers is not to steal information and cause business disruption. Rather, they hijack the target’s computers and tap the power supply to the organization to mine crypto coins,” said a person familiar with the incident.
A Birla Group spokesperson assured the public that there was no data loss and that a comprehensive investigation was almost complete. However, hackers were able to successfully mine what is considered to be a substantial amount of privacy-focused Monero.
Commonly, hackers target establishments that have hundreds or thousands of computer systems, with universities also proving fertile hunting grounds. The pattern being played out is that hackers first deploy mining malware on a single computer system, and then infect all systems linked to it.
In March this year, the world’s biggest software company Microsoft Corporation called illegal crypto mining an “increasing threat”. Many private and public organizations have fallen victim to cryptojacking. Even England’s national healthcare system – the National Health Services website – was attacked.
Some other high profile victims of cryptojacking attacks include electric vehicle pioneer Tesla and even Google’s DoubleClick Ad Service.
How can organisations plan in advance a defense strategy against cryptojacking? Share your views in the comments section below.
Images via Pxhere