Chinese hackers attempted attack on Indian Cyberspace more than 40,300 times in a week post- Galwan clash
An Overview:
After a month’s face-off at Galwan valley with Indian Soldiers, China has attempted over 40,000 cyber attacks on India’s Information Technology infrastructure and banking sector in the last five days. Chinese threat actors are widely known cybercrime actors across the world; the surge in hacker activity comes in light of heightened geopolitical tensions in Galwan Valley.
India is one of the top five most-targeted countries online, and most of the attacks originate from six countries China, Russia, Pakistan, Ukraine, Vietnam and North Korea. As these attacks have been happening over a while now, the pattern is not definite. According to Cyber researchers, most of these attacks originated in Chendgu area in China.
“Indian Internet users should pay attention to the threat of attacks, creating robust ‘firewalls’ and conduct cybersecurity audits, researchers say.” According to the officials, these China-based hackers have a database of approximately 20 lakh Indian email IDs.
Hence, it is essential that the government officials, as well as private internet users, shall guard against phishing, where an attempt is made to obtain confidential information like passwords or passcodes by sending fraudulent email or text messages. The attacks, therefore, can be divided into three categories- denial of service, IP Hijacking and Phishing.
Modus Operandi of Cyberattacks in India:
- Phishing and social engineering attacks from 57% of all
- Malware attacks are at 41%
- Spear-phishing at 30%,
- DoS at 20%
- Ransomware at 19%
As per the recent reports from the Quick Heal Security Labs, they have seen some well-calibrated attacks targeting India’s critical infrastructure using malware that is designed to communicate with CnC (Command & Control) servers based in China. As a part of these attacks, the crypto miners and Remote Access Tool (RAT) malware are being dropped on victim computers that enable remote administration and extensive interactions with those devices. Some other actions include keylogging (a common tactic used to steal credentials), screen capture, privilege escalation and data exfiltration.
One such example of the attack is a fraudulent email ID ‘ncov2019@gov.in’ that sent bogus information about free COVID-19 testing for residents of Delhi, Mumbai, Hyderabad, Chennai & Ahmedabad, as per the officials. Already the COVID-19 pandemic has created panic among the people, and the cybercriminals taking advantage by sending phishing emails in the form of an important update or under the false cure, false advice, false medication to extract money.
Also, as per a recent report, there are at least half dozen fake versions of the ‘PM CARES’ accounts to target Indians, and over 8,000 complaints have been received from Indians at home and abroad who have been fooled into donating to the portals.
According to recent information, 40,300 cyber attacks were attempted and hence the officials have further advised everyone, including all individual users, to pay close attention to necessary cybersecurity protocol and protect their online resources.
The Data breaches have cost organizations in India roughly between $100 million to $200 million per year.
Things to do if you receive such malicious emails:
- First and foremost, Do Not open attachments in unsolicited emails, even if they come from people in your contacts.
- Never click on a URL contained in an unsolicited email. If you feel the email is genuine, please go the official website directly through your browser and check for the information.
- Scan and remove suspicious e-mail attachments even if the attachment is expected and the sender is known.
- Beware of the phishing domains, spelling errors in emails, websites and unfamiliar email senders.
- Do Not submit your personal information to unknown URLs and unfamiliar websites.
- Update spam filters with later spam mail contents and if you notice any unusual activity, report immediately to the right officials.