Acting on directives from Rajasthan’s Director General of Police, a serious warning has been issued in the state concerning the security of digital data. The Indian Cyber Crime Coordination Centre (I4C) has noted a rise in cybercriminals targeting institutions using Network Attached Storage (NAS) devices. These targets include chartered accountancy firms, consulting agencies, hospitals, IT and media professionals, and educational institutions.
Jaipur’s Deputy Inspector General of Police (Cyber Crime), Shantanu Kumar Singh, highlighted the sophisticated methods employed by these fraudsters. Cybercriminals exploit vulnerable or publicly accessible NAS systems online, gaining unauthorized access through weak passwords or outdated software. They then either copy or encrypt critical data, demanding significant ransom payments and threatening to expose sensitive information, thereby blocking institutions from accessing their own data.
The advisory from the Rajasthan Police emphasizes that chartered accountants and IT professionals are prime targets due to their handling of highly confidential financial data. Incidents of ransomware attacks have also been reported in media organizations and large hospitals. To safeguard valuable data, cyber experts recommend measures such as restricting direct internet access to NAS systems, implementing multi-factor authentication, and using strong passwords to bolster security.
Regular software updates and the application of necessary security patches are crucial to prevent vulnerabilities. Institutions are advised to maintain secure backups at intervals, storing them offline or in protected locations, and ensuring effective data recovery mechanisms are in place for emergencies. Continuous system monitoring is essential for detecting any suspicious activity promptly. In case of any unusual behavior, immediate action should be taken, isolating affected systems from the network to prevent further harm.
Institutions are urged to seek assistance from cybersecurity experts when needed. In the event of a cyber incident, individuals are instructed to report promptly to the nearest police station or cyber police station, or file a complaint via the Cyber Crime Reporting Portal. Contact can also be made with the Cyber Helpline at 1930 or the Cyber Helpdesk at 9256001930/9257510100.
