Cybersecurity firm Cyfirma said it had alerted the Indian Computer Emergency Response Team (Cert-In), the country’s nodal cyber security agency, about conversations linked to a Pakistan state-sponsored group that identifies itself as ‘IOK’.
By Priyanka Sangani, Economic Times.
Pune: State-sponsored hackers could target India’s health ministry and corporate donors to the PM Cares Fund, cyber security experts have said, basing their conclusions on conversations tracked on what is known as the Dark Web.
Dark Web refers to that area of cyberspace where content cannot be searched using normal search engines because it is encrypted.
Cybersecurity firm Cyfirma said it had alerted the Indian Computer Emergency Response Team (Cert-In), the country’s nodal cyber security agency, about conversations linked to a Pakistan state-sponsored group that identifies itself as ‘IOK<Babur>’.
“We observed increased activity in the hackers’ Dark Web communities. We initially thought that they were after financial gains, but the objective appears to be to cause reputational damage,” Ritesh Kumar, CEO of Cyfirma told ET.
The report also listed top donors to the PM Cares Fund, including the Adani Group, JSW Group, Reliance Industries and L&T, which were mentioned in the conversations.
Cert-In and some of the companies mentioned in the list did not respond to emails till press time Tuesday.
Another cyber security firm, Malwarebytes Labs, also highlighted similar concerns.
“APT36 (a hacker group) performs cyber-espionage operations with the intent of collecting sensitive information from India that supports Pakistani military and diplomatic interests,” Malwarebytes Labs said in a separate report. Scams related to SARS, H1N1 and avian flu have circulated online for over a decade now, according to the report.
Earlier this month, APT32, another hacker group believed to be responsible for a series of attacks on China’s Ministry of Emergency Management and the government of Wuhan province, was linked to the Vietnamese government by FireEye Mandiant Threat Intelligence.
The Covid-19 pandemic has resulted in an increase in state-sponsored cybercrime across the world, according to Google’s Threat Analysis Group.
More than a dozen government-backed attacker groups were using Covid-19 related themes as lure for phishing and malware attempts, trying to get their targets to click malicious links and download files, Google found.
Indian corporates, too, have been under threat from hackers.
Last week, IT services firm Cognizant faced a Maze ransomware attack, which it said impacted clients as well.