Chinese hackers have increased attempts to hack several Indian entities after the recent border clash between the two countries, reports Business Today.
Hacker groups with links to the Chinese government attempted to carry out a series of hacks on Indian businesses, multiple government ministries and media organisations, as per the report.
Singapore-based Cyfirma Research, which is a cyber threat intelligence firm, said Chinese hacker groups are targeting entities like the Defence Ministry, Reliance Jio, Airtel, BSNL, Micromax, Cipla, Sun Pharma, MRF and L&T.
The research firm adds that it could be an attempt to “tarnish” the reputation of the entities by spying on sensitive information, including trade secrets.
Expert View | China’s LAC satellite imagery doesn’t tell the full story
The sectors that were targeted for cyberattacks can be broadly classified into telecom, pharma, media companies, smartphone makers, construction and tyre companies.
Government ministries targeted
The cyber threat firm’s analysis has also shed light on the fact that the hackers particularly targeted three central government ministries including the Ministry of Foreign Affairs, Ministry of Defence and the Ministry of Information and Broadcasting.
The firm added that the hacker groups behind these attacks have a history of carrying out major cyberattacks in different countries.
A note released by the firm said: “In the hackers’ conversations, IP [Internet protocol] addresses were shared and discussed. Our analysis of these IP addresses attributed Gothic Panda and Stone Panda to be behind these potential hacking campaigns. These are two prolific hacking groups with close association with the Chinese Government.”
Also Read | Military talks between India and China positive, consensus reached on disengagement in Ladakh
It further adds that Gothic Panda has a track record of targeting strategic sectors such as defence, aerospace, telecom, transportation, manufacturing, construction and engineering.
Meanwhile, Stone Panda – a notorious expert group know for trade secret theft — has been actively involved in stealing supply chain information.
India top target
Cyfirma said both groups have been actively involved in targeting organisation in countries like India, Japan, Canada and Brazil.
Some of the common attacks attempted by these two firms included defacing websites using vulnerabilities in web applications, spying on data using specialised malware, denial of service and impersonating websites of companies and launching malicious phishing campaigns.
The cyber threat firm confirmed in its note that the data was analysed between June and June 18 and experts noted that the attacks on Indian institutions continue to remain high after the deadly border clash at Galwan River Valley in Ladakh.
Also Read | 3 separate brawls, ‘outsider’ Chinese troops & more: Most detailed account of June 15 battle
Also Watch | Exclusive: What happened on the night of Galwan clash