NEW DELHI: The Ministry of Home Affairs has warned of an “intense digital war” by non-State actors who are attempting to steal sensitive data from Indian information infrastructure. The shadowy players are allegedly trying to infiltrate the system using a unique method — by spoofing email IDs like ‘gov.in’ or ‘nic.in’ — that target gullible government staff sitting on massive amounts of data.
“It has been observed that a new wave of phishing campaign, to gather user credentials and targeted attacks to compromise computers, is on the rise,” a secret ministry note has said.
“Another alarming trend is to use spoofed/compromised mail IDs of NIC domains (@gov.in, @nic.in, @mea.nic.in) with intended recipients.”
Experts have identified three types of attacks. Primarily, the attackers are looking for easy prey, who fall for the phishing emails, to steal credentials of government computer users.
Secondly, there have been instances where attackers use emails with malicious web links and attachments that compromise computers when clicked on, and inject a ‘remote control tool’.
Third, they send seemingly novice emails to establish association with the recipients for further malicious activities.
“It is increasingly noticed that malicious codes embedded in files like doc, xls, PDF and zip are sent as mail attachments to target computers. Opening of these files would result in compromise, which, in turn, may lead to pilferage of computer configuration details, keystrokes, documents stored in the system besides gaining remote access,” the note added.
As a precautionary measure, government staff have been asked not to connect their smartphones and personal storage devices to official computers. They have also been told not to store any confidential files on their personal devices and to turn off GPS location feature to avoid being tracked.