Why are India’s Institutions Silent? | #cybersecurity | #cyberattack

The news report goes on to nail the source of the digital records. So far, forensic labs had only established that there was a much larger pattern: “The hackers had targeted hundreds of activists, journalists, academics, and lawyers with phishing emails and malware since as early as 2012.” Another Forensic institute, Sentinel Labs, had stopped short of identifying any individual or organisation behind the hackers, only saying that the “activity aligns sharply with Indian state interests”.

Now, working with a security analyst at an email provider service, who shared information with WIRED but declined to be identified, Sentinel Labs has learned that three of the victim email accounts compromised by the hackers in 2018 and 2019 had a recovery email address and phone number added as a backup mechanism. For those accounts, which belonged to Rona Wilson, Varavara Rao, and Hany Babu, the latest report reveals that the “addition of a new recovery email and phone number appears to have been intended to allow the hacker to easily regain control of the accounts if their passwords were changed”. The report added, “To the researchers’ surprise, that recovery email on all three accounts included the full name of a police official in Pune who was closely involved in the Bhima Koregaon 16 case.”

The news report also identifies other fingerprints the hackers left, including information gleaned via a leaked database on TrueCaller, clues that tie the recovery mail to Pune city police. The details this story brought to the fore and almost zero attention it has got in any discussion forum within India put to question India’s right to call itself a rules-based democracy.

Original Source link

Leave a Reply

Your email address will not be published.

five + four =