New Study Shows Increasing Cyber Attacks On India s Critical Infrastructure | #cybersecurity | #cyberattack


A new study conducted by CyberPeace Foundation, along with Autobot Infosec and CyberPeace Center of Excellence has found that Indian oil companies faced 3.6 lakh cyberattacks in the last six months.

Among these most noticeable in recent weeks has been the targeting of Oil India Limited. On April 13, it was reported that PSU major Oil India Limited’s registered headquarter at Duliajan in Assam’s Dibrugarh district was purportedly under a cyber attack which led the company to shut down all its computers and IT systems at the office.

The next day it was reported that the company had received a ransom demand of $75,00,000 (roughly Rs. 57 crore) from the perpetrator. Subsequently, a case was registered under various sections of the Indian Penal Code and the Information Technology Act, 2000, after the company lodged a complaint with the police.

The report highlighted that from the observed activity, October 2021 had 11,763 attacks. This figure then jumped to 55,871 in November 2021, while December registered a fall with 20,714 attacks. January 2022 saw the figure going up once again with 52,298 breaches. Similarly, February, March recorded 19,342 and 69,998 hits respectively. As of April 12, there have been 23,833 hits.

The study said the threat actors mostly used FTP, HTTP, s7comm, Modbus, SNMP and BACnet as the attack vectors.

The study yet again signals the increased targeting of critical infrastructure of Indian companies. Such attacks have increased in the past year worldwide as well. CyberPeace Foundation also detected a significant increase in phishing and social engineering attacks on Indian organizations in the oil and refining industries. Such attacks are used to dupe users into sharing sensitive information like passwords and other access details. Hackers are even using WhatsApp to send phishing messages with malicious links in the name of Indian Oil Corp, the firm said.

Earlier in the month, UK-based cybersecurity firm Recorded Future warned about a Chines state-backed threat campaign targeting power companies in India. It had flagged similar attacks on power grids in the country in February. Similar, reports came in last year as well when the firm said that a Chinese state-backed hacker group called RedEcho had targeted power grids in India.

Officially, China denied any involvement China’s foreign ministry spokesman claimed China does not tolerate hacking. Union Power Minister R.K. Singh observed India cyber defence capabilities thwarted the China’s attacks, revealing why cyber defence remains India’s first line of protection against attacks and where investment by the Indian state has been strong.

However, Kartik Bommakanti, Fellow with the Startegic Studies Programme, ORF contends that the concentration of the targets is also indicative of the level of effort China is making in probing for weaknesses in India’s electricity infrastructure. “The attacks may have only been a dry run by the Chinese cyber-attack teams in preparation for something more devastating down the line,” notes Bommakanti.

He further highlights that there is evidence to suggest cyber espionage as well. “Cyber espionage is critical because it would have helped assess and determine the nature or the intricate characteristics of the cyber network on which the electricity grid in Northern India close to the border with China is based. Cyber espionage is a vital prerequisite for cyber-attacks, even if these latest attacks by the PRC failed to inflict any serious damage,” reckons Bommakanti.

He suggests that at present India’s primary or possibly only response measures appear to be defensive and India should now also invest in more offensive cyber means as a response.






Original Source link

Leave a Reply

Your email address will not be published.

− three = 4