A month after the arrest of a Defence Research and Development Organisation (DRDO) official in a 'honey trap' case with Pakistani links, the central government has warned against a cyber-attack campaign. Officials have been receiving malware-laden emails disguised as recommendations on how to prevent honey trapping.
These emails that officials have received from threat actors specifically refer to the arrest of the DRDO employee who was arrested for divulging sensitive information to Pakistan-based intelligence operatives in a suspected case of honey trapping.
A copy of this email, reviewed by Moneycontrol, falsely claims that, in the context of the arrest of the DRDO official, the Ministry of Defence has published a case study containing contact information used by Pakistani operatives to lure and honey trap Indian officials.
The email also contains a hyperlinked text titled "Honey Trap Case and Precautions," which unsuspecting officials may click on thinking it to be an educative advisory. However, government officials have found that the link actually contains malware.
"It is strictly advised not to click on any suspicious link attached to a mail sent to you from a seemingly dubious mail id due to the probability of those mails being a part of co-ordinated cyber attack from hostile countries," a cybersecurity advisory issued by a government body and reviewed by Moneycontrol said.
"It is highly probable that those mails are spoofed and sent to your mail to steal your e-mail ID and password," the advisory issued by the government in May added.
Another advisory said that if any individual has clicked on the link then he/she should reset their password immediately.
"Systems must be formatted to make it safe for future use. Any occurrence regarding the breach of security may be informed on urgent basis. Password for KAVACH application must be reset," the advisory added.
'Honey trapping' refers to the use of romantic or sexual relationships to get information out of a target. The DRDO official was arrested in Pune by the Maharashtra State Anti-Terrorism Squad, an Indian Express report said adding that the official was booked under the Official Secrets Act.
This is the latest in a string of cyber attacks on government bodies.
Earlier this month, Moneycontrol reported how the government has detected a "new wave of cyber attack campaign" where China-based threat actors have been targeting government bodies, such as the Unique Identification Authority of India (UIDAI) and the All India Institute of Medical Sciences (AIIMS).
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
