The Chinese hacking communities are discussing ways to 'teach India a lesson' and are primarily targeting Indian press and media outlets, government websites including defence, and companies in telecom, smartphones and pharma, among other sectors
As India-China border tensions escalate, Chinese hacking communities are firming up plans to target Indian media, pharma and telecommunication firms, suggests a report by cyber intelligence firm Cyfirma.
“In the last 9 days we have noticed extended conversation in Chinese hacking communities about the border situation and teaching India a lesson,” Kumar Ritesh, founder, Cyfirma, told Moneycontrol.
The firm has shared the report with Moneycontrol, exclusively.
Ritesh pointed out that the discussions by these cybercriminals, which were in Mandarin, are centred around Indian press and media companies, telecommunication companies, both private and public, government websites including defence establishments, Indian pharma companies, and smartphone, construction and tire companies.
The suspected hacking groups that could carry out the attacks include Gothic Panda and Stone Panda, both known to have a close association with the People's Liberation Army.
“In our research these cybercriminals are looking at the defacement of websites using weaknesses in the web application, data exfiltration (sending data from the host system to the hacker's) using specialised malware, denial of service, impersonating companies’ websites and launching malicious phishing campaigns,” Ritesh explained.
“As of last night, in the last 24 hours, we have noticed a list being put up by hackers on a dark web forum to target the following media houses, which include Times of India, Republic TV, NDTV, Hindustan Times, X-TV, Aaj Tak and Dainik Jagran.”
Companies that are part of the target list include Jio, MRF Tires, Sun Pharmaceutical, Airtel, Cipla, Intex Technologies, Micromax, BSNL, Apollo Tires and L&T. Government sites that could be under attack are Ministry of Foreign Affairs, Ministry of Defence and Ministry of Information and Broadcasting, the report added.
This gains significance in light of the recent standoffs at the border and the strengthening of the Chinese hacker community sponsored by the Chinese government.
Close to 20 Indian soldiers were killed in the standoff between India and China at the Galwan Valley in the disputed Ladakh region on Monday. Prime Minister Narendra Modi said on Wednesday that though the country wants peace, India is capable of giving a befitting reply to the Chinese. Modi has called for an all-party meet on June 19 to discuss the situation.
Chinese hacking communities
Ritesh explained that the Chinese cyber group is the largest in the world and it is suspected that almost 314000 people are working for these communities. They predominantly operate under a geo-political agenda to attack countries such as the US, Japan, South Korea, India and other South East Asian nations.
Almost 93 percent of Chinese hacking groups are funded by the People’s Liberation Army or the Chinese external affair ministry, he added. Other such communities include APT3, which is funded by China's Ministry of State Security and is responsible for campaigns targeting the US and most recently Hong Kong, according to reports.
Apart from handling such campaigns for the government, recent times have seen these agencies working alongside Chinese firms to hack information from other countries, including India, that could benefit these firms.