'Digital India' making India a 'strategic' cyber attack victim

A FireEye report found that 38 percent of organisations in India were exposed to targeted advanced persistent attacks in the first half of 2015, a 23 percent increase from the previous report.
"Geopolitical tensions and digitization in the region have steadily ratcheted up in recent months, and cyber activity reflects this," the security firm said.

FireEye found organisations in every geography in Asia Pacific, including India, experienced a higher or equal rate to advanced persistent threat (APT) groups than the global average of 20 percent in the report.

In the first half of 2015, FireEye revealed two attacks likely conducted by China-based threat actors on Indian organisations. APT30 conducted a decade-long cyber-espionage campaign that compromised, among others, an Indian aerospace and defense company. The WATERMAIN campaign targeted India and its neighboring countries and appeared to target information about ongoing border disputes and other diplomatic matters.

"India is fast becoming a strategic target, in part because of the potentially sensitive information that is expected to be digitized through ambitious and high-profile projects such as Digital India," the report said.

"The focus on India is reflected in the finding in today’s report that India ranked fourth in Asia Pacific countries exhibiting the most command-and-control (CnC) infection callbacks, which indicates the presence of compromised systems that are actively communicating with the APT groups’ command and control infrastructure."

Across Asia Pacific, the FireEye report revealed that over 50 percent of telecommunications firms and government organisations have faced advanced persistent attacks, with education and the high-tech industry not far behind. The WATERMAIN threat is an example of attacks on higher educational institutions on India and bordering countries.

Bryce Boland, chief technology officer for Asia Pacific at FireEye said, “As India embarks on ambitious technology projects, attackers are exploiting gaps to compromise critical networks. Indian organisations are more likely to be exposed to attacks than the global average. In the future, India’s growing economic clout and rising regional influence are likely make it a more attractive target to threat groups. These threat groups seek access to intellectual property, intelligence and critical infrastructure.”