Pune-Based Company Falls Prey to ‘man-in-the-middle’ Cyber attack

The cyber attack cases in India skyrocketed in 2020. When compared with the last quarter of 2019, a 37 percent increase in the number of cyber attack cases was noted in the first quarter of 2020. The COVID pandemic has largely been viewed as a curse for the Indian cyber security.

Recently, it was revealed that a Pune-based multinational engineering company lost nearly 56,000 euros in a cyber attack that took place in the months of August and September. The news came into limelight after the officials of the company realised that they made a mistake in funds transferring.

The officials claimed that the ongoing transaction between the Pune-based company and a German company was sent to a wrong bank account. However, the experts in the field clarified that the engineering company was defrauded by way of a ‘man-in-the-middle’ cyber attack, wherein the company officials fell prey to fraudulent emails.

By using the ‘man-in-the-middle’ attack method, the attackers got detailed information about the ongoing business dealings between the involved parties by hacking into the email accounts of the German company. They created an email account that resembled the participant’s mail address and then used it to spread the information saying the original account of the other participating party was non-functional. The concerned deposits were thereby made to the accounts belonging to the hackers.  

An FIR was filed under the Information Technology Act and Indian Penal Code section 420 (Cheating) at the Pimpri police station, following a preliminary inquiry by the Pimpri Chinchwad Cyber Crime Cell. Some of the previous data suggests that it is not the first time when a Pune-registered company has fallen prey to the ‘man-in-the-middle’ cyber attack.

At least four similar cases were reported in the second half of 2019. The Cyber crime cell of Pimpri Chinchwad Police even facilitated the return of around Rs 50 lakh (equivalent sum in US dollars) in two separate cases in October 2019. The delays in regular updating of the security features of company email accounts have been spotted as a major reason behind similar cyberattacks.

Senior inspector Milind Waghmare said the police launched a probe into the account details and emails used by the cyber fraudsters. What’s unacceptable is that despite the five-point advisory issued by the police last year, such cyber attacks have continued to occur. The lack of awareness amongst the staff has been considered a major factor behind the growing frauds. Further, the COVID pandemic and the unprecedented lengths to which the government and officials had to go created more dependency on technology.

Meanwhile, the experts are of the opinion that the overall experiences and advancements that took place in the tech industry in 2020 might play a great role in shaping the technology sector in the years ahead.

Leave a Reply