Hybrid Warfare: Indian APT Groups Building Large-Scale Phishing Campaigns

Hybrid warfare

As the unconventional methods of a multi-domain warfighting approach have been growing in the name of hybrid warfare, India is now sparing no efforts in targeting the domestic fault lines that encompass the political, social, economic, and religious factors.

Several Indian APT groups have now sped up collaboration on and executing scams, fraud, and large-scale targeted phishing campaigns to counter foreign attacks in the digital space. Such activities have brought a rise in overall hybrid warfare since every country is extensively pursuing it to destabilise, demoralise and disintegrate their core adversaries.

Due to its conflicting nature, Pakistan remains one of the biggest adversaries of India in South Asia. It has been blamed for not allowing regional peace and integration while escalating cyberwarfare with India. Since it has been linked with the Taliban at an international level, India has also radicalised militant groups in Pakistan and is supporting the dissidents in Baluchistan taking help from private actors.

Cyber risks in India exist both domestically and from foreign actors as the legal and regulatory framework to deal with this, still seems to be under process. As a result, the private actors are using cyber-attacks and subversion, disinformation campaigns, economic manipulation, proxies and insurgencies, diplomatic pressure, and military actions, to inflict harm to the adversaries rather than engaging in open hostilities.

Recently, it was reported that APT C-35 Indian mercenaries launched several phishing websites and mobile apps relating to Referendum 2020 as bait to target pro Khalistan Sikhs in India. The ransomware named “Sarbloh” was designed to target entities connected with farmers’ protests in India, with the hacker group titled Khalsa Cyber Fauj reported to be leading the attack in the country.

The Khalistan delusion makes an appearance every time the Sikh community is in news. It was in 2020 when the Macdonald-Laurier Institute (MLI) in its newest publication released “Khalistan: A Project of Pakistan,” report, which included brief research upon the entire Khalistan movement by Terry Milewski. The veteran journalist discovered that the movement was a geopolitical project nurtured by Pakistan, threatening the national security of both the Canadians and Indians.

Milewski added that the Khalistan movement was going nowhere in the Sikhs’ home state but instead was Pakistan’s continued campaign of agitation, after failed Kashmir project. To counter similar future attempts, India is aiming to slowly take control of Pakistan’s cyberspace. Several private actors have emerged to help India fulfil the objective over time. It has overall extended the idea of hybrid warfare against Pakistan.

Back in 2019, the EU DisinfoLab alleged an Indian firm – Srivastava Group for building 750+ fake media websites. In the recent report, it accused the network of resurrecting the dead scholars and propagating the false news in the international media. Domains related to topics for India Chronicles, namely Gilgit Baltistan (gilgitnews.net, gilgitpost.net, and gilgittimes.com), Khalistan (khalistan.eu, khalistanfm.net, and radiokhalistan.net), Balochistan (balochnews.com, balochistantoday.org and .net), and Maldives (maldivesaffairs.com, maldivescurrent.com) were also found.

Clearly, the mission has been to dominate cyberspace and isolate Pakistan internationally while countering nations in conflict with India in Asia.


Leave a Reply