After the recent violent clash between India and China at the borders, Chinese hackers are targeting several Indian entities
Cyfirma Research, a Singapore-based threat intelligence firm, discovered a series of hacks by Chinese hackers targeting Indian commercial organisations, multiple government sites and media organisations.
The targeted sectors can be classified into telecom, pharma, media companies, smartphone makers, construction and tyre companies.
The firm reported that the reason for hacking government sites is to ‘name and shame’ central government ministries, which include:
- Ministry of Foreign Affairs
- Ministry of Defence
- Ministry of Information and Broadcasting
According to Cyfirma, the hacking group attempts to cause reputational damage and pull out any sensitive information that could hinder their operations, including trade secrets. The targeted commercial organisations include:
- Jio
- MRF Tyres
- Sun Pharmaceuticals
- Airtel
- Cipla
- Index Technologies
- Micromax
- BSNL
- Apollo Tyres
- L&T
Media houses targeted by Chinese hackers include:
- Times of India
- Republic TV
- NDTV
- Hindustan Times
- X-TV
- Aaj Tak
- Dainik Jagran
“In the hacker’s conversations, IP (Internet Protocol) addresses were shared and discussed. Our analysis of these IP addresses attributed Gothic Panda and Stone Panda to be behind these potential hacking campaigns. These are two profilings hacking groups with close association with the Chinese government,” reads the note released by the firm.
The Chinese hackers behind the threat
Gothic Panda, also known as APT3, UPS and TG-011, has in the past been attributed with high confidence directly to the Chinese Ministry of State Security (MSS). It has been involved in campaigns such as Operation Clandestine Fox, Double Tap and Clandestine Wolf. It has a record of targeting defence, aerospace, transportation, manufacturing, construction and engineering.
Stone Panda, a renowned group also known as APT10, Red Apollo, CVNX, HOGFISH and menuPass, originated in China and has been active since 2009. It is known for trade secret theft and has also been involved in stealing supply chain information.
Cyfirma said that both these threat groups have been actively involved in targeting organisations in countries like India, Japan, Canada and Brazil. The common attacks undertaken by these two groups included defacing websites, exploiting vulnerabilities in web applications, denial of service and impersonating the websites of companies.