NEW DELHI: A cyber attack on government and commercial organisations in India by the Chinese military’s western headquarters, which oversees India, has raised alarm bells in the corridors of South Block. An alert has been issued to the Indian Army, Navy and Air Force that a Chinese Advanced Persistent Threat (APT) group called Suckfly, based in the Chengdu region, is targeting Indian organisations. India’s defence establishment is its prime target.
Suckfly carries out cyber espionage by sending out malware called Nidiran.
According to the alert, Suckfly has stolen certificates from legitimate software development firms in South Korea and is using them to camouflage its attacks. “Sensitive information from targeting computers and networks is exfiltrated, and this information is being used to undermine the national security and economic capabilities,” the alert issued from the Ministry of Defence states.
An APT is a network attack in which an unauthorised person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organisation.
“It has successfully carried out cyber espionage by infecting computers of both government and commercial houses of India involved in e-commerce, finance, healthcare, shipping and technology. Targeting of military personnel cannot be ruled out, keeping in mind the sensitive nature of data being handled by them,” the alert adds.
What is alarming for security agencies is that the cyber attack was carried out from the headquarters of China’s People’s Liberation Army. Chengdu Military Command is in charge of security along India’s eastern sector in the Tibet region, including Arunachal Pradesh. Defence Minister Manohar Parrikar had visited Chengdu Military Command during his visit to Beijing in April.
Indian Army headquarters issued an alert note last week (prepared by its Cyber Security Division) to all command headquarters, formations and locations. A similar note has been sent by the IAF and Naval headquarters to their respective commands.
Amidst increasing incidents of cyber attacks on Indian defence establishments, a proposal for a dedicated tri-service command for cyber security requires a push, according to a defence official.
After a 2012 cyber attack in which Chinese hackers managed to penetrate the computer systems of the Navy’s Visakhapatnam-based Eastern Command, where the country’s first indigenous nuclear submarine INS Arihant is undergoing sea trials, a draft proposal for setting up a cyber command was prepared following talks with all three service chiefs.