Espionage Has Become the Newest Threat in South Asian Landscape

Offenssive cyber capability of India

Cyberwar can be the next big factor in building power relations in South Asia, for the region has regularly attracted interests of cyber criminals. The territorial disputes have heightened the cyber espionage activities in South Asia. As a result, many countries have resorted to new cybersecurity measures to protect integrity and national security interests.

Over time, the increasing cyberattacks have led the states to use cyber coercion to fulfil objectives. Several rival governments have employed APT groups that conduct espionage activities, amid the rising tide of cyberwar threats to their economies.

India being one of the rising nations in South Asia is also in competition for managing the conquest and defence of cyberspace, while taking help from private actors/APT groups. As the cyber domain became the fifth dimension of warfare, several Indian APT groups such as Viceroy Tiger, Dark Basin, and SideWinder emerged to strengthen the Indian offensive cyber front in South Asia.

Acronis’ Cyber Readiness Report 2020 suggests that India has been one of the most targeted nations in South Asia. Hackers linked to North Korea and China have been using advanced malware framework to target multiple Indian platforms. North Korea has been carrying out a two-pronged attack. Its Lazarus group of hackers have lured countless vulnerable individuals and companies into falling for phishing attacks. Similarly, China with its threat actor groups – Stone Panda and Gothic Panda has targeted supply chain information, aerospace, defence, construction, transportation, and manufacturing sectors in the past.

Russian cyber security solutions – Kaspersky acknowledged that both North Korea and China are taking aggressive approaches to infiltrate corporate entities around the world. Such activities have created an implicit commonality of interests among other regional powers that are calling for a collective action to improve cybersecurity and fight against cyber adversaries.

India too is levelling up its game in cyber espionage by associating with the private actors. It is taking steps to counter cyberwar from China, through risk mitigation strategies, building firewalls and recovery systems, while working on “offensive” cyber capabilities. It has successfully executed many cyber operations.

Viceroy Tiger, an adversary with a nexus to India, has historically targeted entities throughout multiple sectors. It leverages spear phishing emails containing malicious MS Office documents, malware designed to target Android mobile platforms, and phishing activity designed to harvest user credentials.

Dark Basin APT previously linked to BellTroX InfoTech Services, allegedly operated phishing campaigns against government officials, advocacy groups, and human rights activities in six continents. Similarly, SideWinder APT group operated in support of Indian political interests and used email spear phishing, document exploitation, and DLL Side Loading techniques to evade detection and to deliver targeted implants in Asia.

Despite all that, India still lacks behind in cyberwar capabilities built by its counterparts – North Korea and China. But this has never once stopped the private actors from ramping up India’s offensive and defensive cyber capabilities. With cyberspace continuously changing and evolving, India is also planning a long-term deterrent capability by joining hands with other Asian countries attacked by common foe.

Leave a Reply