Rajasthan Police release advisory to prevent institutions from cyberfraud attacks

Jaipur, March 25 (IANS) Acting under the directives of Rajasthan Director General of Police, Rajiv Kumar Sharma, a serious warning has been issued in the state regarding the security of digital data, officials said on Wednesday.

Based on observations by the Indian Cyber Crime Coordination Centre (I4C), it has emerged that cybercriminals are now specifically targeting institutions that use Network Attached Storage (NAS) devices.

These include chartered accountancy firms, consulting agencies, hospitals, IT and media professionals, as well as educational institutions.

Jaipur Deputy Inspector General of Police (Cyber Crime), Shantanu Kumar Singh, said that the modus operandi of these fraudsters is highly sophisticated.

Cybercriminals identify vulnerable or publicly accessible NAS systems over the internet.

By exploiting weak passwords or outdated software, these cybercriminals gain unauthorised access and then copy or encrypt (lock) critical data.

They subsequently demand hefty ransom payments, threatening to make sensitive data public, effectively denying institutions access to their own information.

According to the advisory released by the Rajasthan Police, chartered accountants and IT professionals are among the primary targets, as they handle highly confidential financial data of clients.

In addition, ransomware incidents have also been reported in media organisations and large hospitals.

Sharing tips to safeguard valuable data, cyber experts recommend that institutions should restrict direct internet access to NAS systems, implement multi-factor authentication, and use strong passwords to enhance security.

It is essential to regularly update software and apply all necessary security patches to prevent vulnerabilities.

Institutions should also maintain secure backups at regular intervals and store them offline or in protected locations, while ensuring proper data recovery mechanisms are in place to handle emergencies effectively.

Continuous monitoring of systems is crucial to detect any unusual activity.

Immediate action should be taken if suspicious behaviour is observed, and affected systems must be isolated from the network without delay to prevent further damage.

Institutions are also advised to seek assistance from cybersecurity experts whenever required, officials said, adding: "In case of any such incident, report immediately to the nearest police station or cyber police station, or file a complaint via the Cyber Crime Reporting Portal: https://cybercrime.gov.in. The complainant may also contact the Cyber Helpline at 1930 or the Cyber Helpdesk at 9256001930/9257510100," officials said.

--IANS

arc/khz