New Delhi: Amid heavy military asset deployment in forward border areas and with Indian and Chinese soldiers ‘facing-off’ in several locations in eastern Ladakh, the threat of an attack looms large on the Indian cyber horizon.
On Friday, CERT-IN (Computer Emergency Response Team-India), India’s apex agency for responding to cyber security incidents, issued an advisory warning of a large-scale phishing attack against Indian entities by impersonating government agencies, departments and trade associations tasked to oversee the disbursement of COVID 19-related aid.
Asked about the usual suspects behind such cyber attacks, Gulshan Rai, India’s national cyber security chief till March 2019, told ETV Bharat: “It can be China, can be Pakistan or even North Korea. In the current scenario, these three countries have vested interests against India at this point of time. They can attack individually or collaboratively. Both scenarios are possible.”
On the motivations, Rai said: “It can be for multiple reasons—financial, espionage or military reasons. But the first objective is to create harassment and panic in India. At the same time, it will lead to stealing of data and getting injected into the system for a longer period.”
On how such attacks are predicted, the former adviser to PMO on cyber security issues, said, the traffic and trend are key factors in predicting cyber attacks. “The traffic and trend are observed. There would be enough warning indications of impending attacks either now or after days or weeks.”
Besides non-state actors, the Chinese government is adept in using capabilities relating to cyber attacks.
Cyber warfare capabilities—for both defence and offensive operations—are very well organized in China. This domain comes under the Strategic Support Force (SSF), created by the People's Liberation Army (PLA) in 2016. In the SSF, it is the Network Systems Department that is responsible for everything that has to do with cyber-warfare, technical reconnaissance, electronic warfare, and psychological warfare.
Also read: Rahul Gandhi says 'Narendra Modi is actually Surender Modi'
On how cyber attacks are predicted, Rohit Srivastwa, a veteran in the cyber security industry and an author of the book “My Data My Privacy My Choice” says ‘honeypots’ are employed to pre-empt such cyber attacks. “What happens in such scenarios is that via some ‘honeypot’ or some other mechanism deployed by threat intelligence companies, they get to know upcoming spam campaigns. Most are caught during the testing phase of the campaign itself.”
A ‘honeypot’ is a network-attached system to lure cyber attackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.
Another cyber intelligence expert, Muslim Koser, head, technology, Volon Cyber Security, adds: “We had built a spam ‘honeypot’ SHIVA along with ‘honeynet’ project and have seen such instances before as well. Email lists are easy to get nowadays due to security breaches that happen frequently nowadays like Zoomcar, makaan.com, and Proptiger that happened in the last few months.”
