Chinese hackers, perhaps backed by the communist Govt. itself (as has been the case most of the time), have been targeting Indian Govt. machines to get data on India’s ongoing border dispute with Pakistan and other diplomatic matters, reports reputed US-based cyber-security firm FireEye.
As per the report, more than 70 Indian institutes have been targeted over the last four years using a script called “water main”. However, India is not the only country being targeted by the Chinese hackers.
They are also targeting neighbouring countries like Nepal, Pakistan and Bangladesh, seeking information related to India’s border issues. The attacks were probably easier on these countries, considering that India has a far more robust cyber-security infrastructure in place than its smaller neighbouring nations.
As per FireEye, these “water main” attacks originated from an advanced persistent threat (APT) group that employs a “spear-phishing” technique to gain access to sensitive data. The attack, which targets employees in organisations including government agencies and universities, involves fake emails with attachments apparently relevant to their recipients’ work. The attachments allow hackers to monitor and search for data.
Bryce Boland, FireEye’s Chief Technology Officer for Asia Pacific, said,
Collecting intelligence on India remains a key strategic goal for China-based advanced persistent threat (APT) groups, and these attacks on India and its neighbouring countries reflect growing interest in its foreign affairs. Organisations should redouble their cyber security efforts and ensure they can prevent, detect and respond to attacks in order to protect themselves.
A few of the attacks were detected in April, just before Prime Minister Narendra Modi’s visit to China in May. As per the cyber-security firm, APT30 had been spying on governments and businesses in Southeast Asia and India uninterrupted for a decade.
The report also said that the APT hacker group “also targeted Tibetan activists and others in Southeast Asia, with a focus on governmental, diplomatic, scientific and educational organisations.”
Ever since the Dalai Lama fled China in 1959 to establish the Central Tibetan Administration, more commonly known as the Tibetan government-in-exile, in Dharamsala, China has viewed Tibetan groups in India with suspicion. China has long been accused of spying on Tibetan groups in India, including the Tibet government-in-exile and the Dalai Lama.
In an email response to ET, the director general of the Indian Computer Emergency Response Team, B J Srinath, said that the Indian government is aware of the issue.
An Indian intelligence official said,
The lethality of the weapon goes down with time. If you detect a zero day (the day an unknown attack is discovered) today, it will be very, very lethal. But over time, a lot of security researchers in Microsoft and other places start plugging these loopholes.
Nandkumar Saravade, CEO of Data Security Council of India, said,
There is no global governance on the internet and there are no natural protocols, so attacks are increasing. Preparedness is a moving target. It is something which we have seen continuously improving. It is a process and not a destination.