This year, China, North Korea and other countries are suspected of aiding state-sponsored cybercriminal activities against India.
The pandemic has led to rising concern over state-sponsored cyberattacks globally, with cyber security experts worried about cyber espionage activities against India. Due to rising geopolitical tension, cyberattacks originating from China are a huge concern for Indian organizations, with a majority of the respondents feeling most threatened by those originating from China, followed by Pakistan (48%) and Russia (43%). This year has been especially challenging for India, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide.
According to the India Threat Landscape Report 2020 by cyber intelligence platform CYFIRMA, state-sponsored cyberattacks are increasingly targeting India. According to sources, three countries, namely China, North Korea and Russia, authoritarian regimes that are suspected of aiding state-sponsored cybercriminal activities, have shown interest in breaching India’s security perimeters.
State-Sponsored Attacks
Some of the top state-sponsored threat actors targeting India include the North Korean-backed Lazarus group and the Chinese state-sponsored threat actor MISSION2025, along with the Chinese threat actor Stone Panda/MenuPass/APT 10/Cloud Hopper.
Lazarus’ primary activities include spreading new malware samples, and attacking cryptocurrency businesses, while MISSION2025 is suspected of carrying out various campaigns against multiple industries, such as automotive, retail, healthcare, energy, hi-tech, media, finance, telecom, supply chain, and travel, says the report.
Stone Panda/MenuPass/APT 10/Cloud Hopper “has traditionally shown interest in stealing international trade data and supply chain information from various enterprises across several countries such as India, Japan, Canada, Brazil, etc,” as per the report.
Pakistani government-backed APT36, Operators Transparent Tribe, ProjectM and Mythic Leopard groups have also made it to the list. The group is believed to have carried out a phishing campaign targeting Indians in the first half of 2020, sending bogus health advisories by email while impersonating the Indian Government.
“Victims who clicked on the attached document activated a malware that gave them access to sensitive and important information like passwords, credit card details and location data stored on user browsers. A spear-phishing campaign aimed at computers belonging to the Indian Railways was also detected,” the report said.
Chinese Cyber Warfare
This is a cyberwar, and the attacks are mostly carried out not by the PLA’s cyber wing but by non-state actors appointed by the PLA. If not countered properly, these attacks can affect services and bring down various cyber resources in India. These cyberattacks will not necessarily originate from an address in China or its allies. Some of the Chinese cyber warfare strategies adopted against India are as follows:
* Snooping on defence establishments through an illegal VoIP exchange,
* More than 40,000 cyberattacks within a week,
* The physical presence of the PLA in Galwan,
* Peddling disinformation and fake news,
* Proxy wars through Pakistan and Nepal etc.,
* Developing a fake Aarogya Setu application.
China is adopting every practice of warfare to fight India, from the violent face-off in Galwan to moving artillery and forces to the Galwan Valley. It has attacked cyberspace more than forty thousand times and is spreading disinformation, deception and fake news and pushing its own propaganda in India. New evidence, in a crackdown by the Crime Branch and Military Intelligence, suggests how Chinese telecom companies are involved in the surveillance of defence areas and soldiers.