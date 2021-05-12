What's new

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

Zarvan

Zarvan

ELITE MEMBER
Apr 28, 2011
51,578
84
58,039
Country
Pakistan
Location
Pakistan
Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

According to Micheal Benjamin, head of Black Lotus Labs, threat intelligence arm of US-based Lumen Technologies, Pak-based hackers targeted the power sector and one government organisation in India earlier this year using new malware--Remote Access Trojan (RAT).

ADVERTISEMENT


Ankit Kumar New DelhiJuly 13, 2021UPDATED: July 13, 2021 18:50 IST
[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs

[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs (Photo Credits: Getty Images)


Pakistan-based hackers targeted critical infrastructure of the power sector and one government organisation in India earlier this year using a new malware, said Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies.


The attackers installed a new kind of Remote Access Trojan (RAT) a program that enables covert surveillance and unauthorised access to victim’s computers. The hackers used India-based compromised domain URLs.

Speaking exclusively to India Today TV, Micheal Benjamin, Vice President of Product Security at Lumen Technologies-Black Lotus Labs, said, “There were a number of indicators suggesting how the campaign was carried out that led us to believe that the individuals were located in Pakistan. And from the network telemetry and network visibility that we have, we were able to ascertain that the targeting was very Indian specific, focused on power companies as well as a single government entity.”
READ: Ransomware hits hundreds of US companies, security firm says

RAT gave the attackers access to the IT network of the power companies, but it is not known if the Operations Technology (OT) networks, used for running the power operations, were affected or not, Benjamin said.


The cyber attack suggests that the attackers, “with operational infrastructure hosted in Pakistan”, used forged PDF communication related to Covid-19 vaccination.


The IP address assigned to the hacker groups belongs to Pakistani mobile data operator CMPak Limited, popularly known as Zong 4G in Pakistan. The mobile operator is a 100 percent owned subsidiary of China Mobile Communications Corporation.

(Forged vaccination document used in the attack. Source: Lumen Technologies)

Different from Chinese cyber attacks
Benjamin said the recent development lacked the characteristics of a Chinese state-sponsored cyber attack and any perceived overlap with Chinese groups was extremely unlikely in this case.

Earlier this year, a cybersecurity company based in Massachusetts claimed a Chinese hacker group targeted India's power sector organisations in 2020, when tensions between the two countries were high due to the border standoff.

“Some of the mechanisms that were used here, as well as the way the actors failed to hide themselves, did not match the sophistication we typically see with state-sponsored Chinese actors. So, I would separate these actor groups,” he clarified.
Past activities of these attackers suggest that those involved in this case focused mostly on India, Benjamin said.
ALSO READ: India a third-tier country in cyber warfare capabilities, report says US more powerful than China

Cyber attacks in Afghanistan
A Pakistan-based hacker network also targeted and compromised infrastructures in Afghanistan through a similar delivery mechanism. However, the number of compromised entities in Afghanistan is lower than that of India.

According to the Lumen report, the attacks successfully compromised the IT networks of at least one power transmission organisation, one power generation and transmission organisation and one government organisation.

Headquartered in Monroe, Louisiana, US, Lumen Technologies offers services like communications, network services, security, cloud solutions to businesses, the public sector and governments in more than 60 countries.

A recent report by the International Institute for Strategic Studies (IISS) found that India had made only modest progress in developing cyber security doctrine. The report positioned India among third-tier countries on a spectrum of cyber warfare capabilities.
ADVERTISEMENT

ALSO READ: Without naming China or Pakistan, India raises issue of cyber attacks at UNSC debate
ALSO READ: Cyber attack against US IT provider forces Swedish chain to close 800 stores


Click here for IndiaToday.in’s complete coverage of the coronavirus pandemic.

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive - India News (indiatoday.in)
 
Oracle

Oracle

FULL MEMBER
Dec 29, 2014
998
0
1,792
Country
Pakistan
Location
Pakistan
this is not good. it will start a hacking war

wait for a week and you will see they reply in attacking our power sector
 
You must log in or register to reply here.

Users Who Are Viewing This Thread (Total: 3, Members: 0, Guests: 3)

Similar threads

GlobalVillageSpace
Chinese Ambassador Nong Rong on evolving Pak-China relationship: GVS Exclusive
Replies
0
Views
119
GlobalVillageSpace
GlobalVillageSpace
FOOLS_NIGHTMARE
Exclusive: China Rotates Troops In Aksai Chin
Replies
5
Views
373
Vapnope
Vapnope
Hiptullha
Exclusive: Ayodhya BJP mayor’s nephew bought land for 20 lakh, sold it to Ram temple trust for 2.5 crore
Replies
3
Views
195
lonelyman
lonelyman
Zarvan
CZ BUYS COLT: An Exclusive Interview With Lubomír Kovařík – President CZG
Replies
0
Views
613
Zarvan
Zarvan
B
Exclusive: Chinese scientists achieve quantum information masking, paving way for encrypted communication application
Replies
1
Views
169
Adecypher
Adecypher

Latest posts

Pakistan Defence Latest Posts

Pakistan Affairs Latest Posts

Military Forum Latest Posts

Country Latest Posts

Top Bottom