Cyber Attacks on India

Chinese Hackers Made Over 40,000 Cyber Attacks on India in Past 5 Days:

Chinese threat actors are increasingly targeting various sectors in India, with over 40,300 cyber-attack attempts made in just the past five days. The information has been shared by Maharashtra’s cybersecurity cell, which has noted the increased activity of Chinese state-backed hackers targeting numerous sectors in India. While Chinese threat actors are known cybercrime actors across the world, the recent surge in hacker activity comes in light of heightened geopolitical tensions in Galway Valley at the Indo-China border.

Speaking to News18, Yashasvi Yadav, Inspector General of Police, cybersecurity at Maharashtra Police, said, “In the past 4-5 days, there is a sudden surge of cybercriminal activity in the Indian cyberspace. Resources and sectors such as infrastructure, information, and banking have been heavily targeted in this period by Chinese attackers. At least 40,300 cyber attacks have been made in this time, and a large volume of these attacks have originated from Chengdu, the capital city of China’s Sichuan province.”https://8d27fc66bfd26013e1bd68a0975adf01.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Talking about the type of attacks that have largely become prevalent, Yadav said, “These attacks can be divided into three categories – denial of service, IP hijacking, and phishing. This has led to the Indian government’s cyberinfrastructure being vulnerable right now.”

Echoing these observations, Himanshu Dubey, director of Quick Heal Security Labs, told News18, “Over the past few days, we have seen some well-calibrated attacks targeting India’s critical infrastructure using malware that is designed to communicate with CnC (Command & Control) servers based in China. As part of these attacks, crypto miners and Remote Access Tool (RAT) malware are being dropped on victim computers, which enable remote administration and extensive interactions with those devices. Some of the actions include keylogging (a common tactic used to steal credentials), screen capture, privilege escalation (used to gain deep-level access to classified files), and data exfiltration, among others.”

Dubey also said that noted Pakistani hacker collective APT36 (aka Transparent Tribe) has also been targeting Indian Defence organizations persistently since March. While it is not clear if the actions of Pakistani and Chinese hackers are correlated, Dubey said on the matter, “Attackers are using honey-trapping to get inside an organization’s environment, with the intent of stealing sensitive information.”

Making an appeal to common users to take cybersecurity even more seriously in such tense socio-political times, Yadav said, “I would advise everyone, including all individual users, to pay attention to necessary cybersecurity protocol and protect their online resources. Use robust firewalls, and for enterprises, they must audit their systems by verified cybersecurity experts."

If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders.