Seaports in India were left vulnerable to takeover by hackers

The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing the risk of a potential takeover by threat actors.

On September 24th, researchers discovered that the NLP platform was exposing sensitive credentials, secrets, and encryption keys via publicly available JS files.

In addition to that, a number of Amazon Web Services (AWS) S3 buckets were left publicly accessible to anyone. The buckets contained the personal data of workers, marine crew, invoices, and internal documents. As the platform deals with the country’s critical infrastructure, this oversight might introduce great risk.

Alarmingly, the exposed AWS S3 keys allowed anyone to get higher privileges and gain access to all of the NLP infrastructure. This poses a grave danger of ransomware attacks. Threat actors could have taken advantage of the access to the system to encrypt critical information and make it inaccessible to the waterways authorities.

Data leak sample
Image by SecurityDiscovery.

It might have caused far-reaching consequences, such as disrupting the trade and operations of India’s ports, not to mention the financial implications of significant ransoms demanded for the decryption keys.

According to the CEO of SecurityDiscovery Bob Diachenko, who first identified the leak, the exact consequences are hard to estimate.

“Figuratively speaking, India’s one-window solution for shipping has left its digital keys right under the doormat. Moreover, the door itself was also open. The JS file should not contain hardcoded credentials in the first place and AWS S3 buckets with sensitive data should be private – especially, when it is a governmental institution. It is also a huge reputational risk not only for that particular asset but for the entire country,” explained Cybernews Diachenko.

Data leak sample 2
Image by SecurityDiscovery.

Launched in January this year, NLP is a one-stop platform to manage logistics at India’s ports, such as the management of customs documents, paying fees, tracking shipments, and other port activities.

The system remains in active development, with intentions to broaden its scope to include all modes of transportation, spanning waterways, road networks, and air travel. According to their press release, the platform is aiming to reduce regulatory complexities and make a push for paperless trade.

The leak was disclosed to the NLP platform’s managers, and the problem was fixed. Cybernews requested a comment but received no reply at the time of writing.

More from Cybernews:

DarkBeam leaks billions of email and password combinations

Ahead of 2024, Musk’s X cuts its election integrity staff

French competition watchdog raids Nvidia offices

LastPass employees and customers targeted in “pervasive” phishing campaign

NSA forms central AI security hub

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked