Shadowy attacks on government info infrastructure

The Ministry of Home Affairs has warned against the intense digital war by non-state actors against Indian information infrastructure that aims to compromise and steal sensitive data.

Published: 15th June 2017 09:00 PM  |   Last Updated: 15th June 2017 09:00 PM   |  A+A-

Smartphone. (Image for representational purpose)

Express News Service

NEW DELHI: The Ministry of Home Affairs has warned against the intense digital war by non-state actors against Indian information infrastructure that aims to compromise and steal sensitive data. The shadowy actors are using a unique method by spoofing the government email IDs like gov.in or nic.in to lay a trap to target a careless government employee sitting on massive data to infiltrate the system. 

The Ministry in a secret note said: "It has been observed that a new wave of a phishing campaign, to gather user credentials and targeted attacks to compromise computers, is on the rise. Another alarming trend is to use spoofed/compromised mail IDs of NIC domains (@gov.in, @nic.in, @mea.nic.in) with intended recipients." 

The digital warriors protecting the Indian infrastructures have identified three types of attacks. Primarily the cyber attackers are looking for easy prey with phishing emails to steal credentials of users of government computers. Secondly, there has been instances where the attackers are using emails with malicious web links and file attachment to compromise the computers and thus injecting remote control tool.  

Thirdly, seemingly novice emails to establish an association with the recipients for further malicious activities. 

"It is increasingly noticed that malicious codes embedded in document files like doc, xls, PDF and zip are sent as mail attachments to target computers. Opening of these files would result in compromise, which in turn may lead to pilferage of computer configuration details, keystrokes, documents stored in the system besides gaining remote access to the compromised computers," the Home Ministry note said. 

The government employees have been asked to avoid using personal storage device and restrict connecting the smartphones to the official computer. Even the smart devices being used by the government officials are equally vulnerable to cyber attacks. The note said more features, applications, and services have been made available of these phones for exploits. "These gadgets are known to be used for bugging, monitoring call details, contents, SMS monitoring, spoofing and other malicious activities without the knowledge of users. Even tabs are known to have multiple vulnerabilities which are being widely exploited by the adversary." 

The government babus have been told not to store and transact any confidential documents through smartphone and must turn off GPS location feature on the phone to avoid being tracked and tailed in real time. 

"Do not jail-break device as jail-breaking removes the restrictions on which apps can be installed or un-installed and removes protection set by the manufacturer," the note said. 

The increasing shift to digital has changed the rule of the game significantly enabling the adversary nations and non-state actors to target and paralyse critical information network. The cyber threat is real and more lethal than ever. 

Stay up to date on all the latest Nation news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp