Chinese Hackers Increase Attacks on Indian Entities

Most cyber attacks carried out via proxy servers in N Korea, Africa, Eastern Europe

The Economic Times - Disruption: Startups & Tech - Sachin.Dave@ times

Mumbai: A leading Indian infrastructure company recently discovered to its dismay that its IT systems were compromised, with hackers gaining remote access to some of the most sensitive information for a fairly long period of time.

While no official complaint has been made by the company, the attack might just be the proverbial tip of the iceberg, and cyber-security experts engaged by the firm say Chinese hackers were behind the breach. Several Indian companies and some government institutions have seen an increase in cyber attacks originating in China, say industry trackers.

As in the case of the infrastructure company, these attacks are often carried out through difficult-to-trace proxy servers in North Korea, Africa, Eastern Europe and Russia. Unlike a normal attack, the Chinese breaches tend to exploit vulnerabilities of Indian IT systems and “just observe.”

“Often, cyber-attacks originating from neighbouring countries are relayed through VPN and proxy servers in eastern Europe, Africa, North Korea and Russia. These attacks are very sophisticated, well planned and targeted toward specific sectors and companies,” said Amit Jaju, partner and head of EY’s forensic technology & discovery services.

Experts say that some sectors, including India’s defence industries, may be vulnerable to such attacks. Often, Indian companies and government institutions aren't even aware of the hack unless they rope in a cyber expert to conduct an investigation. They also lack proper operating procedures, such as examining employees of defence or public sector units.

“While China, Pakistan and Iran have dedicated teams of cyber hackers (with immunity) it would be difficult to pinpoint in today’s world where the cyber-attack emanated from. All modern machines - aircraft, warships, tanks and cars - run on cyber technology. The power generation and distribution grids, banking and oil and communication industries are most vulnerable today against potential attacks,” said D. Sivanandhan, former director general of police, Maharashtra.

Some experts believe that Chinese hackers may even use social media platforms, such as Facebook, to create, change and manipulate opinions of Indians just as they do domestically.

“The fear is not only that hackers would obtain information illegally or access defence data but also that they may manipulate public opinion. It is absolutely possible to attempt to influence public opinion through a targeted propaganda over social media and other modes of mass communication and this has been successfully used in the US in the past or during the BREXIT vote,” said Tushar Ajinkya, Partner, DSK Legal.

Cyber experts say that power and telecom companies have used a lot of Chinese equipment while scaling up their infrastructure and that could be a problem if hostilities break out between India and China. “One never knows where a ‘kill’ switch is embedded in the system like Iran’s Natanz nuclear facility was affected by Stuxnet. It was through infected suppliers,” says a security expert.

“The biggest risk is around proprietary equipment and devices such as plant equipment controllers, networking and communication devices as there would be limited general knowledge around securing such devices,” said Jaju of EY.

