West Bengal Police has launched an investigation into a major breach at the Cyber Crime Wing (CCW) data centre, which houses confidential cyber investigation tools. Officials suspect deliberate sabotage by the Kolkata-based private vendor ( Local Partner) managing the facility, despite the company’s claim of a ransomware attack.
The data center of Cyber crime wing is a specialised facility for storing, processing, and managing large volumes of digital data. Here, it hosts sensitive law enforcement tools like the CAT C5 application, which filters VoIP calls used to filter VoIP calls for cyber investigations and supports state wide software and IP data analysis.
The facility—commissioned on September 30, 2024 under the State Grid Project—was awarded to the vendor as the L1 bidder in a December 2023 Webel Technology Ltd e-tender. They lodged an FIR with Bidhannagar cyber crime PS, suspecting that the data could also be compromised due to sabotage on the part of the private firm.
Sources revealed that subject matter experts had earlier advised upgrading the facility with defence-grade encryption, but the recommendation was ignored. On July 28, the CCW reported a total service disruption. The vendor alleged ransomware had encrypted all data and storage systems, showing a ransom note on inspection.
However, CCW suspects foul play, noting the vendor retained exclusive remote access during the incident and had repeatedly refused to hand over administrative credentials, even after a high-level meeting on July 25. The CCW, suspects deliberate sabotage, noting that the vendor maintained exclusive remote access to the data centre during the attack," the complaint filed by the OC, computer cell of Cyber Crime Wing, stated.
The complaint states that, despite repeated reminders and a high-level meeting on July 25 at the DG & IGP Cyber Crime Wing’s office, the officials allegedly refused to provide administrative control and access credentials for the state’s central data centre. Two days later, on July 27, multiple districts experienced VPN outages and C5 application access issues.
Two days before the breach, multiple districts reported VPN failures and C5 access issues. Several officers, including senior officials, are under scrutiny, with some already facing action. Sources said, the VPN belongs to a company based out of Israel.
The FIR at Bidhannagar Cyber Crime PS invokes BNS provisions on criminal conspiracy, cheating, and breach of trust, alongside IT Act sections. The probe is ongoing.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
