Groups in India are carrying out cyber attacks on government and private entities in China, Pakistan, and Nepal with the backing of Indian intelligence agencies. Chinese media made this statement after investigations by leading cyber security companies.
These investigations by leading cyber security companies of China have further revealed that sophisticated networks with the code name of “Evil Flower in South Asia, the lure of beauty, ghost war elephants roaming the Himalayas” are behind these coordinated attacks on entities in China, Pakistan, and Nepal.
In 2020, Chinese tech giant 360 Security Technology monitored and captured over 100 initial payloads that originated in India and targeted Chinese entities. These initial payloads induced users to execute malicious payloads through the harpoon email (spear-phishing) method.
In the first half of 2021, these coordinated attacks by groups based in India were on the rise. These groups target various fields, such as education, government, defense industries, and aerospace industries, in all three targeted countries.
These groups targeting China, Pakistan, and Nepal are usually known as Advanced Persistent Threat (APT) organizations. They operate with the support of government agencies and include top hackers. Their primary focus is to persistently attack specific targets in other countries for intelligence gathering with malicious intent. Therefore, critical infrastructures and governmental entities of all three countries are on the hit list of these groups.
The report by leading cyber security companies has further revealed that China is under continuous attack by Indian hackers, and the system’s security needs to be upgraded to counter the attacks. These revelations surprise some who consider India a non-threat in the cyber world. The report further revealed that the other countries in South Asia are not fully aware of India’s advanced cyber capabilities.
Antiy Labs, one of the leading cyber security companies in China, has said it has detected and monitored various phishing activities in India since March. The targets of these phishing activities were defense and military units, government agencies, and state-owned enterprises in China, Pakistan, and Nepal. Antiy Labs further revealed that it has detected over 100 fake phishing websites created by organizations based in India to attack the three countries. These activities by Indian groups can be traced back to as early as April 2019. This shows that these groups have intensified their efforts to attack China, Nepal, and Pakistan in the last two years.
Adding weight to this claim, 360 Security Technology busted a hacking group named CNC (APT-C-48). The group used forged physical examination forms to attack medical institutions in China by taking advantage of the Covid-19 outbreak. In April 2021, the same CNC group launched a new series of attacks to target the aerospace industry in China.
These coordinated attacks from groups based in India have shown that China and its allies are under attack from the U.S. and its allies, and the internet is being used as a weapon in the information war.