Dehradun – After the attack on the state’s data center, officials now claim that everything is back to normal. IG Law and Order, Nilesh Anand Bharne, informed that all types of data are secure and have been recovered through backups. An SIT (Special Investigation Team) has been formed to investigate the case. The investigation is ongoing to identify those responsible for the attack and it is also being examined whether it was a cyberattack or a virus that spread on its own.
After the cyberattack, IG Nilesh Anand Bharne, DIG STF Sethil Abudai Krishna Raj S., and SSP STF Navneet Bhullar held a joint press conference at Patel Bhawan. They informed that on October 2nd, the ITDA server was hacked. while addressing some complaints on the CCTNS (Crime and Criminal Tracking Network and Systems)and the application suddenly stopped working, it was found that the entire server had gone down. The ITDA, STF, and central investigative agencies immediately started investigating the matter. After preliminary investigation, on October 4th, a case was registered by the CCTNS in-charge inspector at the Cyber Police Station.
While addressing the media about the cyberattack, IG Crime and Law and Order Nilesh Anand Bharne said that hackers had provided two email IDs, asking to be contacted. Initial investigations revealed that the hackers would only restore the server after receiving a ransom. They had also made unauthorized changes to some websites. As a precaution, all websites and applications were scanned. The IG confirmed that no deal was made with the hackers, and the expert team has now restored the entire server. Almost all websites are functioning smoothly again. An SIT, led by DSP Cyber Ankush Mishra, has been formed to investigate the case further. The IG mentioned that the investigation team would soon reach a conclusion, though they are yet to determine the origin of the hackers.
DIG Sethil Abudai Krishna Raj S. stated that the ITDA operates about 1,400 virtual machines, but only seven were affected by the cyberattack. As a precaution, the rest of the virtual machines were shut down. Gradually, as control was regained, they were reactivated. The data has been recovered through backups.
