Sent by a Reader in Asia
India Defenseless Against Chinese Cyber Warfare?
Chinese military’s western headquarters have launched new cyber attacks against government and commercial organizations in India prompting the government to issue a red alert to the Army, Navy and Air Force, according to a report.
A Chinese Advanced Persistent Threat (APT) group called Suckfly, based in Chengdu region, is targeting Indian organizations, with India’s defense establishment being its prime target, the report said.
Suckfly carries out cyber espionage activities via a malware called Nidiran.
According to the alert, Suckfly has stolen certificates from legitimate software developing firms in South Korea and is using them to camouflage its attacks. “Sensitive information from targeting computers and networks is exfiltrated, and this information is being used to undermine the national security and economic capabilities,” said the alert issued by the Ministry of Defense.
APT attack involves unauthorized access to target networks, whereby the malware is embedded undetected for a long period of time, with the purpose of stealing data.
“It has successfully carried out cyber espionage by infecting computers of both government and commercial houses of India involved in e-commerce, finance, healthcare, shipping and technology. Targeting of military personnel cannot be ruled out, keeping in mind the sensitive nature of data being handled by them,” the alert added.
What is alarming for security agencies is that the cyber attack was carried out from the headquarters of China’s People’s Liberation Army. Chengdu Military Command is in charge of security along India’s eastern sector in the Tibet region, including Arunachal Pradesh. Defence Minister Manohar Parrikar had visited Chengdu Military Command during his visit to Beijing in April.
“Indian Army headquarters issued an alert note last week (prepared by its Cyber Security Division) to all command headquarters, formations and locations. A similar note has been sent by the IAF and Naval headquarters to their respective commands,” the report added.
The 2012 Cyber Attack by Chinese hackers
In 2012 Chinese hackers managed to penetrate the commuter systems of the Navy’s Visakhapatnam-based Eastern Command, where the country’s first indigenous nuclear submarine INS Arihant was undergoing sea trial.
INS Arihant [“Slayer of Enemies”] India’s first homemade nuclear submarine during sea trials, December 2014. (Fair use under United States copyright law.)