Most Cyber Attacks on China, India in Govt Sector: CloudSEK Report

NEW DELHI: While India and China continue to be at loggerheads over their geographical border issues, the two global powers have come across a new joint enemy who is attacking the governments in both the nuclear-powered countries – the hackers.

According to a new study, the governments of China and India remained the most targeted avenues for online hackers in 2021 and 2021 and the attacks are only getting more intense.

Cyber security firm CloudSEK, based in India’s silicon valley of Bengaluru, claimed that online attacks against the Narendra Modi government intensified in 2022 as hacktivist groups such as Dragon Force Malaysia ramped up campaigns in the subcontinent. They were also joined by other hacktivist groups as the attacks were ramped up against the two South Asian neighbours.

ALSO READ: Phishing Attack On Bank Customers Using SMS Apps, Warn Cyber Experts At CloudSEK

CloudSEK noted that the government agencies in India have also become popular targets for extensive phishing campaigns, while China’s government also saw a spike in cyber attacks, particularly by APT (advanced persistent threat) groups in 2021.

Other Targets

Besides China and India, the US and Indonesia were also highly targeted by threat actors.

Together, these four countries accounted for about 40% of the total reported incidents in the government sector. Taiwan, COVID, Uyghur — Motivation Behind Cyber Attacks

The study notes that nearly 96% of attacks against China were initiated by the ‘AgainstTheWest’ threat group under the Operation Renminbi campaign, which began as retaliation to China’s activities against Taiwan and the Uyghur community.

ALSO READ: Job Scam: Middle East New Target Of Phishing Scams, Cyber Thugs Pose As UAE Ministry Officials

It was also speculated that conspiracy theories about China being responsible for the Covid-19 outbreak may have contributed to the increase in attacks, according to CloudSEK researchers.

The main motive of the attacks is to exfiltrate and sell data for money but that’s not all. The government sector agencies are also on target list for other reasons which are reflected in the emergence of various APT groups and hacktivist campaigns over the last decade.

ALSO READ: Abysmal State of Critical Infra: Supply of Gas, Water & Govt Services at High Risk – CloudSEK’s Report

Rise In Attacks On Govt Sector

In 2022, CloudSEK said it found a significant increase in hacktivist activity that accounted for about 9% of cyber incidents reported in the government sector.

“This suggests that attacks against governments are no longer limited to financial gains. Instead, they are now used as a means to express support or oppose a certain political, religious, or even economic goal. Ransomware groups were also active in the government sector, accounting for 6% of the total incidents, with LockBit as the most prominent ransomware operator,” it noted.

ALSO READ: Cyber Attack On India Widens, Around 200 Govt, Private Domains Targeted

While a majority of attacks were focused on compromising data and access, there were a few attacks conducted to expose flaws in a country’s cyber security posture. CloudSEK observed that such attacks had been launched against Indonesia. The advent of ransomware-as-a-service has also led to more government-sponsored attacks.

“Threat actors have started developing and advertising services of dedicated criminal infrastructure which can be bought by governments or individuals and used for nefarious purposes,” CloudSEK said.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube