Electricity Company UHBVN Hacked and Billing Data Ransomed for 10 Million Rupees

In a first of the kind of a case in the country, the hackers have stolen the billing data of the Uttar Haryana Bijli Vitran Nigam (UHBVN), one of the two power discoms of Haryana and have demanded Rs One crore in form of bitcoins from the state government to retrieve the data.

Sources said that UHBVN which is monitoring electricity billings of nine districts of the state (Panchkula, Ambala, Kurukshetra, Karnal, Panipat, Yamunanagar, Sonepat, Kaithal and Rohtak) came under cyber attack at 12.17 AM after midnight on March 21 and thus the billing data of thousands of consumers had been hacked as the IT wing of the nigam was target.

On March 22, when the head office of UHBVN in Panchkula opened as a message was flashed on computer screens in which the hacker demanded Rs One crore in form of bitcoins from the state government in order to retrieve the data.

A case has been registered in Sector 5 Police Station of Panchkula under IT Act and different sections of IPC. 

“The cyber experts of Haryana Police are now investigating the matter. We are trying to trace the IP address from where the attack was initiated,’’ said a police official.

But experts say that the IP  address can be changed in a couple of seconds and the attacker must have used his ‘spoofed’ IP address.

Sources pointed out that now the officials of the nigam are busy uploading the billing data from the log books and some of the data has been uploaded. The loss of data means that the UHVBN would not have any record of power bills of the consumers besides records of the arrears.

It is learned that recently there had been complaints from the consumers that the discom had been sending them inflated bills.

Meanwhile, UHVBN claimed that the cyber attack on the Automatic Meter Reading System (AMR) has not at all affected the billing of about 4,000 Industrial consumers as the backup of the billing data is available with the Uttar Haryana Bijli Vitran Nigam.

An official of the Nigam said that there is no loss of billing data and the billing consumers would not be affected. There is no business loss and there is continuity in the business.

He further said that immediately after the attack the complete system study was carried out by the concerned officers, cyber expert as well as other IT experts. The database was found encrypted and the backup of the encrypted database was also taken for further retrieval. An FIR has been accordingly lodged.

The Nigam had already taken steps much before to phase out the said system and to be replaced by latest, robust and technologically advanced system on cloud services which would be operational by the end of May 2018. The billing of about 4,000 consumers has already started functioning normally, he added.

Last year, many countries, including India, was hit by “Cyber weapons” stolen from the US’ National Security Agency to lock up computers and hold users files for ransom. It is not yet known whether the attack on Haryana Power Corporation is related to last year’s attacks or not.

Credit: IndianExpress

CEH Course In pune | Slink

Jai Prajapati

Jai Prajapati is a security analyst and author for Securityleaks, where he passion for covering latest happening in cybersecurity world such as malware, breaches, vulnerabilities, exploits, white-papers, hacking newsbytes, Dark Web, hacking tutorials and a few more.

Leave a Reply

Your email address will not be published. Required fields are marked *