Indian cybersecurity

The steady growth in cyberattacks has made it clear that cyber threats are not limited to any one region. Nations all over the world are today witnessing high-profile ransomware attacks. Cyber criminals are exploiting vulnerabilities to attack critical infrastructure, making cyberspace a new battleground and cyber weapons the new-age weapons.

In the wake of growing cybercrime, several state-sponsored and non-state hacker groups have emerged to strengthen India’s offensive cyber front. Many of these hacker groups work closely on matters of Indian cybersecurity.

Most of the attacks originate from compromised email handles. In the last few months, the Indian Ministry of Home Affairs (MHA) received several phishing emails that mainly targeted the Indian Cybercrime Coordination Centre, or I4C. The hackers managed to wreak havoc by weaponising India’s security shield Kavach, a mandatory two-factor authentication system.

At least 10-20 government accounts in India were used for phishing, and it isn’t the first time hackers have used Kavach to infiltrate the accounts of Indian government officials. In the past, several unknown actors built a fake Kavach application containing a Trojan that stole information and sent it to a command-and-control centre.

To make officials use the Kavach doppelganger, these hackers used compromised government email IDs to send neatly drafted emails to users. Google’s Play Store hosted a fake Kavach app that has now been removed.

According to Indian cybersecurity solutions provider Quick Heal, Pakistan has increased phishing attacks against India. The Pakistani threat groups APT36 and SideCopy have been using Indian IP addresses to target critical infrastructure in the country.

Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies, stated that Pakistani hackers used a new malware to target the power sector and one government organisation. The attackers used a Remote Access Trojan (RAT) program to get unauthorised access to the IT network of the power companies. These attacks have no perceived overlap with Chinese groups, although the latter have mostly focused on attacking India.

Apart from India, Pakistan-based hacker networks have also targeted Afghanistan, though the numbers are much lower. Sources revealed that individuals from the neighbouring countries have bought nearly 9,000 Indian domains in the last few months. The state-sponsored hackers are improving and growing steadily. With every attempt they are becoming stronger and more reliable in carrying out future attacks.

India also has a number of non-state actors that have, over time, brought global recognition to the country. Activities by Indian private firms like Dark Basin, Phronesis, Aglaya etc. have portrayed India as a strong offensive cyber nation. These firms have over time countered cyberwarfare from adversaries, while improving India’s cyber offensive capabilities.

Even though Indian firms have been successfully launching malware attacks against hostile neighbours, India still lags behind the cyber capabilities displayed by the US and China.

So, to improve Indian cybersecurity, the country still has a lot of ground to cover in terms of building innovative cyber capabilities and executing offensive cybersecurity missions. The abilities possessed by APT groups are deemed necessary in the race for cyber supremacy and to counter the ongoing global warfare.
