India: Indian officials stated they were the target of a recent cyber-attack against critical infrastructure through a phishing campaign. According to officials, the attacks originated from either Pakistan or China. Pakistan and India have a long-standing feud over which country controls the Kashmir region separating the two countries and several cyber-attacks have been exchanged between the two. India has plans for a defense cyber agency that will focus on cyber threats towards their armed forces. A new trend from Pakistan disguises their attack on India by making it look like attacks are coming from other countries. In many cases, Pakistan has been able to infiltrate India’s government networks, including the army communication network. According to India, the main goal of Pakistan’s cyber-attacks is to extract information about operatives or servicemen within the Indian Armed Forces.
Indian Army Targeted in Phishing Campaign
ANALYST NOTES
India and Pakistan will likely continue attacks against each other, using network intrusions to supplement other techniques. Although China is less likely to target India, the country has been accused of infiltrating countries’ networks in order to steal information. Pakistan using false flag operations to target India makes attribution more difficult. Network defenders worldwide should be aware of the possibility that nation-state threat actors may intrude into networks simply to set up a proxy or relay, using the victim computers to disguise network attacks on other countries.
