With Covid-19 causing significant unemployment in India, it can be “safely assumed a portion of people with these skills will engage in cybercrime”, according to Wright. However, there is no shortage of people with advanced technical skills in India.” Morgan Wright, chief security advisor at SentinelOne and former US State Department special advisor, told The Daily Swig: “India’s growing offensive capability is still immature compared to China, North Korea, Russia, Israel, the UK and US.
Sometimes, simple social engineering attacks delivering a known commodity malware can be enough. The sophistication of the various Indian cyber threat actors do not appear to be in the same league as China or Russia, and rather than having the ability to call on a cache of 0-day exploits to utilise, they have been known to use less sophisticated – but still fairly effective – techniques such as decoy documents containing weaponised macros. India is currently considered to have a less mature cyber warfare armoury and capability than the ‘Big Six’ – China, North Korea, Russia, Israel, the UK, and US – but this may change over time since its capability is growing.Ĭhris Sedgwick, director of security operations at Talion, the managed security service spinoff of what used to be BAE System’s intelligence division, commented: Indian cyber-espionage groups typically seek information on Pakistan’s government, military, and other organizations to inform and improve its own national security posture.īut this is far from the only game in town.įor example, one Indian threat group called ‘Dark Basin’ has allegedly targeted advocacy groups, senior politicians, government officials, CEOs, journalists, and human rights activists across six continents over the last seven years.Ī powerhouse of South Asia, India boasts a large number of engineers, programmers, and infosec specialists How sophisticated are the techniques being used by Indian hacker groups?
Indian espionage groups may sometimes expand their horizons further to occasional targets in Southeast Asia or the Middle East. Other common targets of Indian hacking activity include other nations of the South Asian subcontinent, such as Bangladesh, Sri Lanka, and Nepal.
RECOMMENDED H2C smuggling named top web hacking technique of 2020 Paul Prudhomme, head of threat intelligence advisory at IntSights, told The Daily Swig: “Indian cyber-espionage differs from that of other top state-sponsored threats, such as those of Russia and China, in the less ambitious geographic scope of their attacks.” Geopolitical factors have fueled an increase in cyber threat activity both originating from and targeting India.Įxperts quizzed by The Daily Swig were unanimous in saying that the most important target of Indian cyber-espionage by far is Pakistan – a reflection of the decades-long struggle over the disputed region of Kashmir.Ĭhina, India’s neighbour and an ally of Pakistan, is also a top target of state-sponsored Indian cyber-espionage.
Who is being targeted by Indian hacking groups? India is in catch-up mode for now, but has the technical resources to make rapid progress. Their somewhat limited employment prospects are said to have created a swarm of underground Indian threat actors eager to show off their hacking talents and make money – a resource that the Indian government might be able to tap into in order to bolster its own burgeoning cyber-espionage resources. The country boasts a large number of engineers, programmers, and information security specialists, but not all of this tech talent was put to good use, even before the Covid-19 pandemic cast a shadow over the global economy. ANALYSIS India is sometimes overlooked by some in the threat intelligence community, even though the South Asian nation has advanced cyber capabilities – not least a huge pool of talent.
0 kommentar(er)
