Hacktivist Waves Surge in 2023: India Takes Center Stage in Global Hacktivist Campaign



NEW DELHI: Cybersecurity firm CloudSEK has monitored and tracked over 1000 Indian websites that were targeted by hacktivist groups originating from nations such as Pakistan, Bangladesh, and others during Independence Day – August 15.

CloudSEK has been diligently monitoring the cyber activities of hacktivist groups participating in the Independence Day campaign under the hashtag OpIndia.

These hacktivist groups, originating from various countries including Pakistan and Bangladesh, employed a range of tactics such as Distributed Denial of Service (DDoS) attacks, defacement attacks, and user account takeovers.

CloudSEK has released an all-encompassing white paper that delves into the realm of hacktivist warfare. This extensive study reveals a significant surge in cyber attacks during the first quarter of 2023.

The research meticulously scrutinized the actions of more than 40 hacktivist groups spanning different regions, shedding light on their motivations, strategies, and their impact on the global power structure.

Surge in Hacktivist Attacks Shakes the Landscape

The years 2021 and 2022 witnessed hacktivist attacks making up less than 1% of the total global cyber attacks. However, the landscape took a dramatic turn in the first quarter of 2023, with hacktivist attacks surging to represent 35% of the total attacks in April. While there was a slight dip in May, similar patterns reemerged in June. An anticipated spike in July 2022 due to the DragonForce group’s active campaign was mitigated as the group erased its data following Interpol complaints, resulting in only a minor uptick during that period.

India at the Epicenter of Targeted Attacks

CloudSEK’s research meticulously monitored hacktivist groups targeting 67 countries around the world. Among these nations, India emerged as the primary focal point of attacks, closely followed by Israel, Poland, Australia, and Pakistan. The motivations driving these cyber assaults varied significantly, depending on the geographical region and the specific target country.

Countries such as India, Israel, Denmark, and Sweden encountered hacktivist attacks primarily propelled by religious motivations. In contrast, attacks on countries like Poland, Ukraine, Latvia, and others were largely politically driven.

Governments Bear the Brunt of Hacktivist Strikes

Governments bore the brunt of hacktivist attacks, enduring the highest impact, followed by the Non-Profit, Education, Automobile, Finance & Banking, and Energy-Oil & Gas sectors. While the non-profit sector faced numerous attacks, their impact was comparatively less severe.

Campaign Overview

The hacktivist campaign, driven by political and religious motives, targeted websites with lower security measures and less robust digital infrastructure. Government, Education, BFSI, and small businesses were the most affected sectors. Government and BFSI entities predominantly faced DDoS attacks, while Education and small businesses encountered bulk defacement attacks and takeovers of access panels.

During Independence Day, approximately 1000+ websites were defaced by these hacktivist groups, spanning various industries such as local businesses, education, tourism, healthcare, and technology. The targeted websites offered services, products, educational resources, and travel packages. The affected entities were both local and global, underscoring the wide-ranging impact of the attacks.

Hacktivist groups from countries like Pakistan and Bangladesh directed their efforts towards Indian websites, utilizing attack vectors as detailed in CloudSEK’s Hacktivism Whitepaper.

In response, Indian factions adopted similar strategies, targeting institutions in Pakistan and Bangladesh. However, it’s vital to approach the claims made by these hacktivist groups regarding DDoS and other attacks with a level of skepticism, as these claims are likely exaggerated for attention.

Unmasking the Modus Operandi

In their analysis, CloudSEK unveiled the modus operandi employed by these hacktivist groups:

  • DDoS Attacks: Open-source HTTP flooding tools and proxy services were used to overwhelm website servers temporarily.
  • Credential Sourcing: Compromised credentials were sourced from publicly available information stealer malware logs.
  • Website Exploitation: Misconfigurations, default or weak passwords, and inadvertent internal credential leaks were exploited.
  • Vulnerability Exploitation: Vulnerabilities like SQL injection were exploited to gain database access and administrator panel control.
  • Mirror Platforms: Compromised and defaced websites were mirrored on well-known platforms to gain reputation within the hacktivist community.
  • Database Reposting: Historical leaked databases from Indian organizations, obtained from Telegram channels distributing compromised data, were reposted.

