India is seeing a steep rise in advanced cyber attacks targeting government organizations.
According to cyber security firm FireEye, Inc., the growing number of cyber attacks reflects increasing geopolitical tensions in Asia Pacific. The cyber attackers, the firm said, are leveraging the fact that the Indian government is pushing to make information and services available online for citizens.
In its half-yearly threat report for 2015, FireEye found that 38% of organizations in India were exposed to targeted advanced persistent attacks (APT), against the global average of 20%, a 23% increase from the last six months.
APT is a distinct set of cyber tools, techniques, and procedures that are employed directly or indirectly by a nation-state or a sophisticated, professional criminal organization for cyber espionage or the long-term subversion of adversary networks.
“India is fast becoming a strategic target, in part because of the potentially sensitive information that is expected to be digitized through ambitious and high-profile projects such as Digital India,” said the report.
India ranks fourth among Asia Pacific countries when it comes to unauthorized communication between a compromised victim computer and its command-and-control (CnC) infrastructure (servers and other technical infrastructure used to control malware). This indicates the huge presence of compromised systems that are actively communicating with the APT groups’ command-and-control infrastructure.
India and neighbouring countries were likely targeted by China-based “threat actors” (the perpetrators behind cyber activity), the report said.
In April, China was reported to have “weaponized its Great Firewall, turning into what some dubbed the Great Cannon,” it said.
Two major cyber campaigns came to light earlier this year. The first was APT30, a decade-long cyber espionage campaign targeting organizations across Southeast Asia and India that sought political, economic and military information, and which compromised, among others, an Indian aerospace and defence company.
The second, dubbed the Watermain campaign, targeted higher educational institutions, among other organizations, for information about ongoing border disputes and other diplomatic matters.
Across Asia Pacific, “Over 50% of telecommunications firms and government organizations have faced advanced persistent attacks, with education and the high-tech industry not far behind,” the report said.