India is closely fighting the contest to militarise cyberspace. This has been triggered by constant attacks by foreign actors on India’s cyberspace. Several Indian firms have continued to expand the cyber-arms culture by carrying out pro-government campaigns, attempted hackings, and even providing cyber-espionage resources that could also be used for legal, government processes. The aim has been to improve the Indian cyber warfare capabilities to get ahead of its adversaries.
Today, Pakistan explicitly remains the most impacted nation by Indian cyber warfare capabilities. Its decades-long conflict with India has brought a switch in attacking platforms. From battlefields to cyberspace, the loss is huge on both sides.
Since the late 1990s, Pakistani hackers have successfully launched several “hacktivist” campaigns, fuelled with an ideology to deface Indian websites. They even developed malware that remained hidden in crafted fake blogs and news sites to steal the user data.
US-based Lookout Threat Intelligence team stated that Pakistan-originated Stealth Mango and Tangelo, the android and iOS surveillance ware tools, have continuously targeted Indian entities. They have also compromised sensitive data retrieved from individuals and groups through various infection vectors, i.e. phishing links to a fake third-party Android app store, or by physical access. Moreover, government officials, diplomats, military personnel, and activists in Afghanistan, Iraq, and the United Arab Emirates have also become the target of these threat actors.
Several Indian APT groups have responded to such attacks. An Indian hack-for-hire group – ‘Dark Basin’ used phishing attempts to target advocacy groups and journalists, elected and senior government officials, hedge funds, and multiple industries across six continents. Similarly, several other groups with cyber warfare capabilities came into the limelight. These firms used email penetration, corporate espionage, and exploitation to conduct cyber intelligence operations and commercial espionage on behalf of their clients.
Another cyber-espionage entity, SideWinder, was found to support Indian political interests globally. The group initiated attacks with spear-phishing emails, targeting governments and businesses throughout South and East Asia. Malicious attachments remained the standard approach while sending phishing emails. Attachments most commonly consisted of RTF files, and less commonly DOCX, LNK, and ZIP files.
The attacks and response attacks have subsequently increased the India-Pakistan cyber conflict. Further, the geopolitical factors have levelled up the cyber threat activity, with China, an ally of Pakistan, becoming another top target of state-sponsored Indian cyber-espionage. South Asian countries, such as Bangladesh, Sri Lanka, and Nepal, and even the Middle Eastern nations, have also remained the occasional targets of Indian hacking activity. The aim behind such activities has been to improve India’s national security, political and military intelligence.
Tech Rise 