Aadhaar’s biometrics reportedly targeted by Chinese state-sponsored hacker group


TAG-28, a hacker group believed to be backed by the Chinese government, attacked the Unique Identification Authority of India (UIDAI), among several targets in the country, presumably in an attempt to gain access to the database of Aadhaar biometrics and digital identity information that it operates, according to a new report.

The Insikt Group and Recorded Future report found that a pair of IP addresses registered with the UIDAI appeared to communicate with the same Cobalt Strike C2 server that was targeting Bennett Coleman and Company Ltd. (BCCL), also known as “The Times Group”, between June 10 and July 20, 2021. Less than 10MB of data was exfiltrated from the UIDAI network, and there is no evidence that biometric data has been stolen, although 30MB of “entry” may indicate malware was missed.

Cobalt Strike is a commercial network defense tool that can be repurposed by hackers, and the TAG-28 group has also allegedly used well-known malware called Winnti to carry out attacks, according to the report.

The Aadhaar database contains biometric data of over one billion Indians. As The Record from Recorded Future points out, the motivation behind the Aadhaar database hack could include collecting data to train biometric algorithms or to identify high-value targets like government officials for further attacks.

Then there is the possibility of more sophisticated attacks using the data.

“There is huge potential for logging into people’s accounts using biometrics,” said Josephine Wolff, associate professor of cybersecurity policy at Tufts University. “Just think about it: if you were to try to log into a protected system, you would get a good idea of the biometrics being part of that login. Or if you wanted to know what services people are using, iris scans would be really valuable. This would give them access to social protection programs, so they can extort people by threatening to block access to food or health care.”

The UIDAI told Bloomberg it was unaware of a breach and that its biometric database was encrypted, with access secured by multi-factor authentication.
