Nine Indian firms fell prey to US hackers : Report
At least nine Indian organisations fell prey to persistent cyber attacks by a state-sponsored US hacker group in 2021, recent research has revealed. The research data shared exclusively with Hindustan Times shows that a large quantity of sensitive data was hacked and stolen by the group from the targeted servers. The hacker group, which has been active since at least 1998, is known by several names on the dark web. Officially, the cybersecurity community recognises it as TAO or Tailored Access Operations.
Earlier this year, a Singapore-based cybersecurity cs TAO or Tailored Access Operations.ompany, conducted detailed and focused research into TAO’s activities from January to December 2021. The research report shows that India was among the biggest targets of TAO. According to the report, an Indian airline and eight other Indian websites were targeted by the hacker group last year, with just one prize in the crosshairs: data.
The research found that the websites were hacked using a method known as SQL injection, where malicious computer code is injected into a website to gain unauthorised access. ‘SQL’ is a programming language, called Structured Query Language, used in programming. Just as a good SQL command leads to productive results, malicious SQL injection leads to unauthorised access. In the past, the tool was appreciated by cybercriminal gangs targeting banks, while today it is popular among various threat actors regardless of their motivation, including infamous ransomware operators.
The targeted websites belonged to organisations in different sectors in India, like government, logistics, industrial manufacturing, consulting, sports, engineering, education and transport.