Chinese Hackers Increase Attacks on Indian Entities
Most cyber attacks carried out via proxy servers in N Korea, Africa, Eastern Europe
Mumbai: A leading Indian infrastructure company recently discovered to its dismay that its IT systems were compromised, with hackers gaining remote access to some of the most sensitive information for a fairly long period of time.
While no official complaint has been made by the company, the attack might just be proverbial tip of the iceberg, and cyber-security experts engaged by the firm say Chinese hackers were behind the breach. Several Indian companies and some government institutions have seen an increase in cyber attacks originating in China, say industry trackers.
Like in the case of the infrastructure company, these attacks are often carried out through difficult-to-trace proxy servers in North Korea, Africa, Eastern Europe and Russia. Unlike a normal attack, the Chinese breaches tend to exploit vulnerabilities of Indian IT systems and “just observe.”
“Often, cyber-attacks originating from neighbouring countries are relayed through VPN and proxy servers in eastern Europe, Africa, North Korea and Russia. These attacks are very sophisticated, well planned and targeted toward specific sectors and companies,” said Amit Jaju, partner and head of EY’s forensic technology & discovery services.
Experts say that some of the sectors, including India’s defence industries, may be vulnerable against such attacks. Often, many Indian companies and government institutions aren't even aware of the hack unless they rope in a cyber expert to conduct an investigation. They also lack proper operating procedures, such as examining employees of defence or public sector units.
“While China, Pakistan and Iran have
dedicated teams of cyber hackers (with immunity) it would be difficult to pinpoint in today’s world where the cyber-attack emanated from. All modern machines - aircraft, warships, tanks and cars - run on cyber technology. The power generation and distribution grids, banking and oil and communication industries are most vulnerable today against potential attacks,” said D. Sivanandhan, former director general of police, Maharashtra.
Some experts believe that Chinese hackers may even use social media platforms, such as Facebook, to create, change and manipulate opinions of Indians just as they do domestically.
“The fear is not only that hackers would obtain information illegally or access defence data but also that they may manipulate public opinion. It is absolutely possible to attempt to influence public opinion through a targeted propaganda over Head, EY’s forensic technology services
social media and other modes of mass communication and this has been successfully used in the US in the past or during the BREXIT vote,” said Tushar Ajinkya, Partner, DSK Legal.
Cyber experts say that power and telecom companies have used a lot of Chinese equipment while scaling up their infrastructure and that could be a problem if hostilities break out between India and China. “One never knows where a ‘kill’ switch is embedded in the system like Iran’s Natanz nuclear facility was affected by Stuxnet. It was through infected suppliers,” says a security expert.
“The biggest risk is around proprietary equipment and devices such as plant equipment controllers, networking and communication devices as there would be limited general knowledge around securing such devices,” said Jaju of EY.
Cyber-attacks originating from neighbouring countries are sophisticated, well planned and targeted toward specific sectors and companies