The Pimpri-Chinchwad Municipal Corporation Smart City project, managed by Tech Mahindra, faced a ransomware attack on its servers in end-February.
A ransomware attack that hit a Pune district’s smart city project did not cause any data loss, but will still cost Rs 5 crore in efforts of rebuilding server infrastructure and shoring up security standards, Tech Mahindra has stated. The latter, which manages the Pimpri-Chinchwad Municipal Corporation (PCMC) Smart City project in Pune, has underlined that after facing the ransomware attack in late February, a detailed assessment of the situation has been made, leading to this conclusion on the matter. A report on the matter by The Economic Times has stated that this may have been the first known cyber attack of its kind on a smart city project in India.
The ransomware attack on the PCMC Smart City project’s server infrastructure seemingly happened towards the end of February. Tech Mahindra has subsequently filed an FIR on the matter with the Nigdi Police Station near Pune on March 9, stating that the threat actors in question had demanded the ransom be paid in Bitcoin. The ET report quotes Nilkanth Poman, joint CEO of the PCMC Smart City as stating that no ransom was paid to the attackers. However, the ransomware attack on the Pune district’s smart city project will still cause some financial loss in efforts to rebuild the affected server infrastructure.
25 servers of the PCMC Smart City project were affected by the ransomware attack, which now need to be rebuilt along with implementation of a robust security system.
The incident is the latest among myriad cyber security incidents that are increasingly affecting both public and private infrastructure in India. A number of these incidents are also linked to a lack of cyber security efforts from various bodies. In February, News18 reported that the West Bengal state government’s department of health and family welfare left exposed in public an entire database containing lakhs of Covid-19 test reports, revealing key personal details such as place of residence, among others. Such actions may increasingly contribute to various cyber security gaffes, such as identity thefts. While these may not directly cause rampant financial damage, all of these add up to a wide variety of cyber security concerns that require increasing scrutiny.
Sujit Baksi, president of corporate affairs at Tech Mahindra, reportedly said in a press statement that 25 servers of the PCMC Smart City project were affected by the ransomware attack, which now need to be rebuilt “along with implementation of a robust security system.” He further explains that the Rs 5 crore damage cost assessed by Tech Mahindra is pertaining to these very endeavours, and does not allude to any cost incurred due to loss of data or other material costs associated with the project. The servers are further claimed to be entirely recoverable, and there would be no further commercial impact of this attack on the project.
Ransomware continues to make for the most common form of cyber attacks that are targeted at bodies of authority around the world. Various states of USA have played witness to widespread ransomware attacks aimed at crippling official infrastructure in order to play up threats, and India has also been witnessing a growing volume of cyber attacks in recent times. The country is now the second most impacted in terms of cyber attacks in Asia, according to an IBM survey. This, in turn, highlights the need to standardise and regulate cyber security as an essential sector, and impose stringent cyber security standards across public and private sectors, in a bid to minimise the loss that may be incurred in process.