Search
+

    India facing more cyber attacks from China and Pakistan since nationwide lockdown

    Synopsis

    "Because of the pandemic, healthcare services and academia are the new spaces which are emerging as targets for malicious cyber actors, while the usual areas such as critical infrastructure, government, financial services, continue to be on their radar,” Bahl said.

    Agencies
    Effective cybersecurity is a shared responsibility involving people, processes and technologies, Bahl of CERT-In said.
    India has faced increased cyber-attacks from China and Pakistan since the nationwide lockdown was imposed end-March and the country continues to encounter threats from malware that communicates with Chinese servers, government officials and cyber security companies told ET.

    Most of the hackings are through phishing emails, malicious advertisements on websites, and third-party apps and programs, experts said.

    Healthcare services and educational institutions have been the targets, said Sanjay Bahl, Director-General of the Indian Computer Emergency Response Team (CERT-In), India’s nodal cyber security agency.

    "Because of the pandemic, healthcare services and academia are the new spaces which are emerging as targets for malicious cyber actors, while the usual areas such as critical infrastructure, government, financial services, continue to be on their radar,” Bahl said.

    Covid-19-themed malware, including ransomware, and Covid-19-based domain-led infections have also increased.

    "Because of this lockdown, phishing and spear phishing attacks have increased; since users are sitting at home, logged in to their devices most of the time, it is easier to lure them and they are falling prey to such attacks,” he said.

    Citizens have been urged to report cyber security incidents to the Indian Computer Emergency Response Team (CERT-In).

    Under lens
    Under lens

    In the last few week, Pune-based Quick Heal Technologies has detected calibrated attacks -- targeting India’s critical infrastructure -- which communicate with ‘command and control’ servers based in China.

    “Crypto Miners and Remote Access Tool (RAT) malware, are being dropped on victim computers as part of these attacks, enabling remote administration and extensive interactions with those devices,” said Himanshu Dubey, Director of Quick Heal Security Labs.

    Pakistan has also made attempts to infiltrate Indian defence networks from March, through a group called APT36, Dubey said.

    APT36 is believed to be a Pakistan state-sponsored threat actor targeting defence organizations in India. Dubey said the attacks were aimed at stealing sensitive information.

    China-based attacks on India peaked in March and have declined to levels similar to those seen in February, said Aamir Lakhani, Global Security Strategist of California-headquartered Fortinet.

    CERT-In has issued more than 35 advisories and 200 vulnerability notes since March. These include advisories for citizens.

    It has also been providing threat intelligence reports to Chief Information Security Officers so that they can put in place appropriate measures to secure their digital infrastructure.

    Sectoral Certs, such as Fin-Cert and four Power-Certs, have also issued such advisories, according to Bahl of Cert-In.

    The main targets of attacks against India appear to be government organisations, the national IT infrastructure and the banking sector, said Bengaluru-based startup SignDesk, which creates automation tools for the Banking, Financial Services and Insurance (BFSI) sector.

    “These entities have become more vital than ever to the nation in our current situation and they are increasingly becoming prime targets for attack,” said Ashok Kadsur, co-founder of SignDesk.

    Effective cybersecurity is a shared responsibility involving people, processes and technologies, Bahl of CERT-In said.

    "The people are the weakest link and if that's made stronger through awareness and sensitisation our defence will be better.”

    4 Comments on this Story

    Vk Singh70 days ago
    No problems,it will create more sufficient to fight from culprit China.
    David Theggie70 days ago
    Recovery expert referral.I lost my bitcoin to fake blockchain.com impostors on Facebook, they contacted me as blockchain official support and i fell stupidly for their mischievous act, this made them gain access into my blockchain wallet account,whereby  7.0938 btc  was stolen from my wallet in total .I was almost in a comma and dumbfounded because this was all my savings i banked up on , waiting for bitcoin rate to improve . Then  my niece recommended me to an expert, I researched online and found the recovery expert , with the contact address- Theredhackergroup@GMAIL.COM .I wrote directly to the specialist explaining my loss. Hence, he  helped me recover my bitcoin  just after 2 days he helped me launch the recovery program , and the culprits were identified as well , all thanks to his expertise . I hope I have been able to help someone as well . Reach out to the recovery specialist to recover you lost funds from any form of online scam  .
    Jothi Kumar70 days ago
    Apart from control measures follow their own way to trigger multiple hacks on their sites and establishments and publish them on blackweb for free of cost....
    The Economic Times