×

Increasing cyber threat and need for Cyber strategy

Synopsis: As per the reports, China is increasing cyber-attacks. India needs to prepare a cyber strategy to tackle cyber warfare effectively.

Background
  • Recently, the Recorded Future (a U.S.-based cybersecurity firm) revealed an increase in suspected targeted intrusions against India from Chinese state-sponsored groups.
  • Also, according to State authorities in Maharashtra, the October 2020 blackout in Mumbai was directly linked to Chinese cyber-attack.
  • Indian cyber agencies such as the National Critical Information Infrastructure Protection Centre (NCIIPC) and the Indian Computer Emergency Response Team (CERT-In) may have information on China’s aggressive cyber campaign.
  • Thus, India needs to adopt comprehensive measures to guard its critical infrastructure from the cyber threat posed by China.
What are the revelations made by the Recorded Future?
  • One, at least 10 Indian power sector organisations have been targeted, in addition to two Indian ports.
  • Two, they have also identified the network infrastructure viz., AXIOMATICASYMPTOTE used for this purpose. Servers of AXIOMATICASYMPTOTE are known to be used by RedEcho. It is a China-linked activity group, that targets India’s power sector, and facilitates the employment of a malware known as Shadowpad.
      • ShadowPad is a network intrusion malware that creates a secret path from a targeted system to a command-and-control server to extract information.
      • ShadowPad is affiliated with both the Chinese Ministry of State Security and the People’s Liberation Army
What are the recent infamous cyber espionages at the global level?

China:

  • Chinese hackers are suspected for the development of a global ‘spearphishing campaign’. It targeted organizations responsible for vaccine storage and transportation. Its objectives are to;
    • target vaccine research
    • gain future access to corporate networks
    • collect sensitive information relating to COVID-19 vaccine distribution.
  • Also, recently in 2021, several thousands of U.S. organizations were hacked in by Chinese espionage campaign. The Chinese group, Hafnium, was identified as responsible for this breach. They exploited a series of flaws in the Microsoft software, that enabled them to gain total remote control over affected systems.
Russia:
  • Russia has been accused of cyber interference in the U.S. presidential elections in 2016.
  • Also, Russia is currently the prime suspect in one of the greatest data breaches concerning the U.S. Federal government.
  • Headlined SolarWinds, cyber-attack in 2020 is a prime example of the damage that can be caused by a cyber-attack.

How other countries are preparing to deter cyber warfare?

  • First, the US, to improve its readiness and resilience in cyberspace, made a budgetary allocation of over $10 billion for cybersecurity in his COVID-19 Relief Bill.
  • Second, China’s 2021 Defence Budget ($209 billion) gives special weightage to the Strategic Support Force (SSF), which embraces cyber warfare.

The Ukraine example (cyber-attack on the Power grid in 2016) should be a wake-up call for India and the world. It reminds us of the availability of advanced malware to carry out sophisticated cyber-attacks. Hence, preparing a comprehensive cyber strategy, that fully acknowledges the extent of the cyber threat from China and other countries, should be recognised as an immediate necessity.

Sources: The Hindu

Print Friendly and PDF