India’s critical infrastructure, involving gas and water supply, and security installations, may be more open to cyber attacks than what has been previously evaluated, according to a report. Often, what stands between the facilities and an attack is only a weak username and password–such as guest and guest@123, or admin and admin!
A report by cyber-security firm CloudSEK exposed vulnerabilities that can compromise critical infrastructure, enable dangerous misinformation campaigns, endanger water-treatment systems and weaponise gas distribution systems. The report titled “Abysmal State of Global Critical Infra Security” analysed the risk of cyber attacks on gas, water and government services across the world, and found them at high risk.
In fact, India had the most number of easily hackable water-treatment systems in the world. Through a weakness in the use of its software, a hacker can jeopardise the systems that can affect a large population.
“We had alerted all the private and government agencies two months before and they have fixed the vulnerabilities,” said Sparsh Kulshrestha, Senior Security Analyst, CloudSEK and author of the report.
CloudSEK, founded in 2015, creates AI-powered solutions to detect, analyse and alert entities about threats from surface web, deep web and dark web. Their mission is to produce machines that can enable digital security through learning and evolving. In 2020, it was given the Cybersecurity Award at Nasscom Emerge 50 2020.