Mumbai Cyber Cell Begins Probe Of Ransomware Attack On MIDC

MUMBAI: The information technology infrastructure of the Maharashtra Industrial Development Corporation (MIDC) was disrupted by a ransomware attack known as SYNack. Cyber police filed a FIR under the Information Technology Act on Wednesday. Cyber police are investigating the hacking of MIDC’s server, according to Mumbai Police spokesperson DCP S Chaitanya.

MIDC said in a circular released on Tuesday that users and customers have been experiencing online service disruptions since March 21. “The programme and database were both affected by the ransomware SYNack. Some end-point personal computers at MIDC’s various locations were also compromised by the ransomware.”

“The hacker used ransomware to encrypt the server,” Chaitanya said. As a consequence, MIDC’s data access work has been put on hold.

The hackers are said to have demanded a ransom of Rs 500 crore, but neither the police nor MIDC officials have verified the exact sum. According to the police, it is still unclear if the attackers are Indian or foreign.

ALSO READ: Cyber Attack On MIDC: Hackers Demand Rs 500 Cr Ransom

P Anbalagan, the CEO of MIDC, denied receiving any ransom demand. “There is no such demand! We’re trying to figure out origin of the attack,” he said. According to police officials, there was no demand for ransom in the FIR.

Many industrial units complained to MIDC about their inability to make online payments. According to the circular, systems are being brought online in stages due to the difficulty of the restoration process. It also announced that payment deadlines will be extended from March 31 to April 15.

Last Friday, Anbalagan said, the site was restored for single window services. “It will be completed today (Wednesday) for ERP. As of tomorrow (Thursday), all applications will be operational,” he said. MIDC applications are hosted on the service provider’s ESDS cloud service as well as local servers run by MIDC’s internal staff.

MIDC is the state government’s industrial infrastructure growth arm. MIDC manages its 289 industrial complexes, which cover 66,000+ hectares, across 16 regional offices.

According to the press release, MIDC management issued automatic warnings after the attack that its applications had gone down on the same day. The ransomware attack was verified after further research later in the day. For end point security monitoring, MIDC has a Trend Micro anti-virus licence. The ransomware’s information were shared with Trend Micro for further study.