At a time when the country is yet to recover from the shock of losing 20 Indian soldiers in a violent clash with Chinese People's Liberation Army (PLA) troops in Ladakh's Galwan Valley, another shock has come to light: malware has hit the Indian Railways network and is snooping on its data, including train movements, for foreign countries, sources in the intelligence agencies said on Friday.
Meanwhile, Railways Board Chairman V K Yadav said that the national transporter keeps receiving malware security threats, and that engineers in the railways keep taking all precautions and updating the firewalls to prevent data theft.
The news comes a day after the Dedicated Freight Corridor Corporation Limited (DFCCIL) decided to terminate the 417-km signalling project worth Rs 471 crore with Chinese firm Beijing National Railway Research and Design Institute of Signal and Communication Group Company Limited (BNRRDISC) due to non-performance.
According to intelligence agency sources, the system of the Railways has been hit by the APT 36 Malware campaign. The source said that the intel agencies have also alerted the Railway Board to disconnect the system from the Internet at once and change the password immediately.
The source said the APT 36 Malware is connected to Pakistan, which is a close ally of China. The source further said that following the red flag from the intel agencies, the system of a senior Principal Executive Director of the Railways, working in its vigilance department, has been taken away to be cleaned of the malware.
As per the source, through the APT 36 Malware campaign, data stored in the Indian Railways systems, including the movement of the trains, was being stolen and stored in foreign locations.
He further claimed that the APT 36 Malware also tried to take defence movement data.
The source said the APT 36 Malware effect was reported from at least four systems of the Indian Railways.
Responding to queries, the Railways Board Chairman said: "Whether it is our systems or the IRCTC, we continuously update it with firewalls, and it is an ongoing process as we get the updates."
Yadav said that the railways' system is updated from time to time. "We get malware threat on a regular basis. And we look at it continuously," he said.
When pressed further about the malware threat in four railways systems, he said: "It has not come to our notice that some information has been leaked. Our systems are secure and our engineers keep on working on it."
According to intel sources, besides the Railways, there was also a malware threat in the defence, central police organisations, education and healthcare sectors.
In view of the threat, the intel agencies have asked the departments concerned to change the passwords of emails and online services from secure computers, format the hard disks of the affected computers after taking a back-up, and re-install the operating systems and other software.
Sources in the Railways had said on Thursday that DFCCIL, which is looking after the work of the Dedicated Freight Corridor Project, has decided to terminate the tender with BNRRDISC.
A source in the Railway Ministry said that it has informed the Railway Board and the World Bank to take the final decision in the matter.
The source said the project was awarded to the Chinese firm in 2016 for signalling and telecommunication work on the 417-km Kanpur-Deen Dayal Upadhyaya section of the Eastern Dedicated Freight Corridor (EDFC).
The source disclosed that the contract was awarded to the Beijing National Railway Research and Design Institute in June 2016. The source further said that even after four years, the progress in the project was only 20%. The issues that led to the termination of the project include the company's reluctance to furnish technical documents required under the contract agreement, such as the logic design of the electronic interlocking.
The source further said that other issues, like the non-availability of the company's engineers and authorised personnel on site, were a serious constraint. Even physical work could not progress as they have no tie-up with local agencies.
The 3,373-km DFC, a flagship project of the Railways, aims to augment rail transport capacity to meet the growing requirement of movement of goods by segregating freight from passenger traffic.
Intelligence alerts point to malware attack and snooping of data on Railways