Indian Import Export Data for Sale

Published 18 May 2021


  • CloudSEK discovered a post, on a cybercrime forum, advertising an Indian customs database
  • The database contains 130 million records, including importer and supplier details


Category: Adversary Intelligence
Affected Industries: Government Sector
Type: Database
Affected Region: India

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a cybercrime forum, advertising an Indian customs database that contains 130 million records. The database purportedly contains Import/Export data from 2019 to 2020.

Attribution

On 29 April 2021, a threat actor shared a post selling Indian Customs data for USD 500 on a popular underground data sharing forum.

Threat actor’s post on a popular underground forum

Analysis

Information from Source

The threat actor claims that the database contains the following records:

  • Import: 40 million records (2019), 31 million records (2020)
  • Export: 35 million records (2019), 30 million records (2020)

The threat actor has provided sample data for both Import and Export data:

Import Data Sample:

Indian Import Data Samples

Export Data Sample:

Indian Export Data Sample

Data fields:
  • Port names
  • Date
  • IEC (Importer-Exporter Code)
  • Importer name
  • Importer Address
  • Supplier name
  • Supplier Address
  • Invoice details
  • Pricing information
  • Exchange rates

Impact

Based on the data schema, there is no PII (Personally Identifiable Information) of individuals. Also, most of the data in the database sample are public, except the invoice details and other administrative data. 

Recommendations

  • Secure web applications from injection attacks.
  • Ensure proper maintenance of network connected systems, especially those exposed to the internet.
  • Use strong/complex passwords and MFA (Multi Factor Authentication) for administrative logins and VPN endpoints.
  • Use efficient NIDPS (Network Intrusion Detection and Prevention Systems) and XDR (Extended Detection and Response) systems to prevent intrusions.
