India Claims Increased Cyberattacks from China and Pakistan During Lockdowns

China - Top government leaders told NPR that federal agencies are years behind where they
Bill Hinton Photography/Getty Images

India’s Ministry of Electronics and Information Technology (MEITY) issued a cybersecurity report on Thursday that found India weathered a dramatic increase in cyberattacks from China and Pakistan during the year of coronavirus lockdowns.

The MEITY report assured lawmakers that the ministry deployed “additional resources” and completed security audits to combat the increased security threat, but also warned India should “significantly augment” its budget to address emerging and evolving threats. In particular, the report argued India is not spending enough on research and development for “projects to address the new cybersecurity challenges.”

“With cyber attackers becoming more and more sophisticated, it is necessary that indigenous cybersecurity solutions and products need to develop to counter such unexpected threats in cyberspace,” the IT ministry said.

According to the report, the increased tempo of attacks from China and Pakistan targeted the immense surge in “endpoint security” vulnerabilities created by Indian citizens working from home during the lockdowns.

Bloomberg News reported Monday that China is looming larger in India’s cybersecurity planning than Pakistan at the moment, as Indian authorities investigate “a series of recent suspected cyber intrusions which could have led to a power outage in Mumbai, crippled systems at banks and caused a glitch at the country’s premier National Stock Exchange.”

The attacks were traced by American cybersecurity experts to a group called “Red Echo” based in China and sponsored by the Chinese government. One of the holes Red Echo punched through Indian cybersecurity is still open and leads directly back to China, a rather obvious smoking gun for network security sleuths.

Analysts saw the deliberate targeting of India’s power grid and financial infrastructure as “very unusual” and “concerning.” The intrusions were relatively superficial in nature – Indian cybersecurity chief Rajesh Pant compared them to prank calls on a telephone line – but troubling given the sensitivity of the targets. They were probably intended to intimidate India as it negotiates with China over disputed territory and possibly as the warm-up for more intense cyberattacks to come.

“India will have to work at breakneck speed to put in place stringent security for critical infrastructure. There may also be a need for state financial backing to help smaller companies that are part of the grid. Because if one is hacked, entire systems can be compromised,” warned security expert Sandeep Shukla.

“The impact of a cyber attack targeting the critical infrastructure of a country, whether for espionage or malicious activity, has the potential to be catastrophic with long-term repercussions. We have long seen cyber efforts from China aimed around strategic policies and initiatives, and this campaign from RedEcho is no exception,” said Dr. Christopher Ahlberg, CEO of Recorded Future, the U.S.-based security firm that traced the Red Echo attacks.

There is also some evidence to believe that China is assisting Pakistani hackers in their campaigns against India, notably including an operation intended to steal sensitive data from the Indian military and plant malware on Indian defense systems launched in 2019.

COMMENTS

Please let us know if you're having issues with commenting.