Between June and July 2022, India witnessed its biggest series of cyber attacks from around the world, with international hacktivist groups claiming responsibility for the attacks. Security experts indicated that the same hacktivist group, which has over 13,000 members, also attempted to breach a prominent bank in India.
Data breaches and distributed denial of service (DDoS) attacks, which are malicious attempts to disrupt normal traffic to a web property, also occurred on numerous individual and state-owned websites in India.
In the hack, carried out by hacktivist groups such as ‘DragonForce Malaysia’, ‘Hacktivist Indonesia’ and others, a series of attacks was directed at the Indian Embassy in Israel, the National Institute of Agriculture Extension Management and the e-portal of the Indian Council of Agriculture Research, which topped the list of Indian government websites targeted for hacking and compromise.
The hacking group launched a campaign, ‘OpsPatuk’, roughly translating to ‘strike back’, against the Indian government. The group sought help from Muslim Hackers From All Over The World, Human Rights Organizations and Activists, releasing a statement on Twitter inviting these groups to unite against the Indian government.
While some cyber experts and Indian government officials call the hack a religiously motivated one, India’s cyber intelligence unit failed in spite of definite warnings by these groups.
This attack can be called a big blow to the cyber security units working within the Indian government’s law enforcement agencies, as the group shared Indian users’ social media credentials, particularly Facebook access, and username and password combinations for leading banks, to enable their allies to launch these hybrid cyber attacks against India.
This attack jeopardized not only the websites of the Indian government, but also the personal data of millions of Indian users.
Police Systems hacked
The official website of Thane police (the city police force neighboring the Mumbai police, in the state of Maharashtra) was hacked this year by a similar hacktivist group. Though the website was later restored to its original form, the hack leaves an imprint of failed cyber intelligence and security within the Indian law enforcement agency’s systems. The website displayed “Hacked by The One Hat Cyber Team” along with a message asking the Government of India to apologize to Muslims.
19.99% Telnet attacks in India
A study conducted by Comparitech in the year 2021 looked over 60 countries to find out where in the world you’re most ‘cyber safe.’ Last year, they analyzed 75 countries, judging each of them with an extended list of 15 criteria.
The study showed that India ranks first among the many countries vulnerable to Telnet attacks, followed by China and Egypt.
Percentage of Telnet attacks by originating country (IoT)
1. India – 19.99%
2. China – 15.46%
3. Egypt – 9.77%
India ranked the 6th most cyber-unsafe country in the world
After countries like Tajikistan, Bangladesh, China, Vietnam and Algeria, India ranked among the top 6 countries that are vulnerable to and at higher risk of cyber breaches. According to the quarterly reports released by Kaspersky, a few areas saw a rise in Q2, tying in with the beginning of the pandemic.
The most significant of these were the percentage of attacks by crypto miners, the percentage of mobiles infected with malware, and the percentage of users attacked by mobile banking trojans. Some countries also saw significant spikes where others perhaps didn’t.
For example, in India, there was a significant increase in the percentage of Telnet attacks by originating country (IoT), rising by 54.14% (3.14% to 4.84%) from Q1 to Q2 and by 313.02% (4.84% to 19.99%) from Q2 to Q3.
India, Italy, South Africa and Ukraine were also among the countries where COVID-19-related malicious files were detected after inspection of the majority of the files.
Ukraine-Russian Cyber War
What most countries should learn from the ongoing tensions between Ukraine and Russia is that a war is fought not only on the borders of a country but also through the very screen of your computer. Russia not only invaded Ukraine with its military forces but also launched a series of cyber warfare operations against Ukraine.
The tension between the two countries is not recent, and Russia has been trying to dismantle the cyber privacy and security of Ukraine since 2014. State-sponsored Russian hackers tried to break into the Central Election Commission of Ukraine in order to fake the results.
The unsuccessful hack was followed by Russian hackers breaking into Ukraine’s power grid in 2015, which was followed by a six-hour blackout in the whole country and gave Sandworm a reputation as the most disruptive cyber-war-oriented hacker group in the world.
The group returned, destroying terabytes of data on Ukrainian agency networks such as those of the ministries of defense, infrastructure and finance. Then came the 2017 ransom hack by the same ‘hacktivist’ group, known as the NotPetya malware, in which Ukrainians across the country started receiving malware messages asking for ransom in exchange for retrieving their files, which had been encrypted or destroyed by the hackers.
These messages were received not only by civilians; government offices also faced ransom demands. The Kremlin government released a deepfake video of Ukrainian president Vladimir Zelenskyy telling his troops to surrender and lay down their arms, during the ongoing war between Russia and Ukraine.
On the other side, pro-Ukraine hackers also gave the Russian government a rough time by blocking Russian and Belarusian websites and disrupting internet connectivity at the St. Petersburg International Economic Forum, where a DDoS attack delayed Vladimir Putin’s keynote speech by some 100 minutes.
The ‘hacktivist’ group Anonymous, which had previously declared a cyber war on Russia after Putin invaded Ukraine, hacked into Russian television broadcasts such as Russia-24, Channel One, Moscow 24, Wink and Ivi, and displayed on television censored images and messages supporting Ukraine that were banned by the Russian government.
The group further heightened attacks on national holidays, including hacking into the Russian video platform RuTube and smart TV channel listings on Russia’s ‘Victory Day’ (May 9) and Russia’s federal real estate agency Rosreestr on Ukraine’s ‘Constitution Day’ (June 28). The war between these countries raises the likelihood of cyber warfare being used as a strong weapon against the government of any country on the battlefield.
How prepared is India?
The Indian government claims to be moving forward with cyber intelligence and beefing up cyber security, but judging by the global-level hacks during June and July this year, that does not seem to be the case.
Furthermore, the country is vulnerable and subject to data and information breaches across all channels, including private and confidential information. Two hacktivist groups hacking into 2000 websites of the Indian government and private organizations is a very important issue that cannot be neglected at any cost. The Indian government is surely trying to bury the matter under the sand, but the groups openly threatened to hack confidential information.
In 2021, Business Standard reported that India would be among the biggest victims of cyber attacks in the upcoming two years. Cyber attacks are expected to increase by 200 percent per year.
However, the government has now provided only INR 416 crore for cybersecurity, a decrease from the gross INR 552.3 crore spent on cybersecurity, based on revised 2021-2022 estimates. There are no cyber-army units in place to fight online warfare on the Indian government’s side, though after the series of cyber attacks in June and July, Union Home Minister Amit Shah directed the formation of a committee headed by the home secretary to formulate a strategy to tackle cyber attacks.
Sooner or later, the government will realize that organized and coordinated cyber attacks have direct and serious national security implications.
The world has a vivid example of cyber warfare in the cyber attacks between Ukraine and Russia, and of how a country can be brought to a halt by such attacks. India’s lack of a central cybersecurity policy makes matters worse at a time when urgent action is needed to strengthen the nation’s cybersecurity.
Akansha Deshmukh is an Independent Investigative Journalist covering serious crime, cyberspace, terrorism and political corruption.
Views are personal