India/Pakistan: An escalation in force over the past few days is leading to increased risk of cyber-attacks within India and Pakistan. The escalation comes in the wake of Indian military retaliation for the February 14th terrorist attack in Kashmir. Early on the morning of February 26th, India sent bombers and fighters across the border into Pakistan to bomb a location believed to be the main camp of the Jaish-e-Mohammed (JeM) terrorist group. India carried out this attack without notifying Pakistan, as they believe that Pakistan supports JeM, which Pakistan did not appreciate. Pakistan then ordered he Army to carry out cross border artillery strikes which injured five Indian soldiers. During public statements about the Indian strike in Pakistan, the government was very careful to not refer to it as an act of war, but instead as a violation of Pakistan’s sovereignty. While the statements from the Pakistani government indicate that they wish to avoid a war between the two countries that doesn’t mean that hacker groups within Pakistan will be so reserved or diplomatic. It is likely that Pakistani hacker groups will target Indian organizations for the incursion into Pakistan. During previous periods of increased tension, such as this one, military and local government entities suffered multiple cyber-attacks over a two-week period by larger Pakistani hacker groups. A number of businesses within India then suffered a number of DDoS attacks and website defacements. Indian hackers retaliated in-kind against similar targets within Pakistan.
It is likely that similar activity will be seen in the coming week across India and Pakistan. Any organizations with business interests in India and Pakistan should exercise increased vigilance over the coming weeks as they are at increased risk of being hit by a drive-by cyber-attack.