Phishing and Unauthenticated Emails led to $18.6 million heist at Indian arm of Tecnimont

Currently being termed as one of the biggest cybersecurity breaches in the country, the Indian arm of the Italian company, Tecnimont SpA has been hit by a cyber heist of Rs. 130 crore.

The Chinese hackers sent emails to the Indian arm, impersonating as the Group CEO, asking to transfer money needed for an acquisition, and were convincing enough to make them believe that the money could not have been transferred through Italy due to regulatory issues.

As email is the largest vector of communication for any enterprise, according to reports, 93 percent of cyber attacks including data breaches, ransomwares, malwares and cyber heists like this one started at the Human Layer where the employee was not able to differentiate a phishing email to a genuine one.

Ankush Johar, director at www.emailauth.io and www.humanfirewall.io, says: “Hackers today play on factors like Urgency, Greed, Obedience, Apathy, Hubris and Ignorance and attack the Human Layer. Enterprises and Governments might have invested a lot for security on the technology front, but what are they doing to alter the psychology of their employees? Today, it is imperative for any entity to govern their assets like domains and emails and also make sure to alter psychology of their employees to be suspicious by nature and become the first line of defence against cyber attack attempts like these. It is high time that the organisations realise the need of Security, Automation, Orchestration and Remediation (SOAR) and be sure of not being compromised in the coming time.”

The hackers also arranged a series of conference calls during this process, impersonating as representatives of the Group CEO and a lawyer talking about an acquisition plan in China that made the Indian Chief believe more firmly into this story.

The Indian chief of Tecnimont, including the head of accounts and finance, have been sacked as per the police complaint filed with Mumbai Police.