'Indian websites are more vulnerable to cyber attacks from Pakistan-based hackers on major events'

Popular Indian websites are more prone to cyber-attacks during events like Independence Day, 26/11 and cricket matches.

  • Updated: February 12, 2016 9:50 PM IST

India-Pakistan rivalry has spilled over into cyberspace through hacktivism and even “state-sponsored” attacks, with popular Indian websites more prone to such strikes during high-profile events like cricket matches and Independence Day, a CIA-backed threat intelligence company has said. Analyzing patterns of cyber-attacks around several events like Independence Day, 26/11 and cricket matches, Boston-based Recorded Future suggested in its report many possible motivations and objectives for the cyber activities between India and Pakistan, ranging from loosely affiliated hacktivist groups defacing symbols and institutions to more coordinated state-sponsored attacks.

“These are nationalistic hacker groups,” Nagraj Seshadri, co-author of the report ‘Hacktivism: India vs Pakistan’, said after the release of the study yesterday, which, he said, is based on information extracted from the public domain. “The objective mostly is public embarrassment. If there is a big event, or if there is a big anniversary in the physical world or geo-political context, it is important to be vigilant on the cyber context and be prepared as well when it comes to websites or other cyber assets,” Seshadri said.

According to the report, India and Pakistan’s Independence Days, which fall on August 15 and August 14 respectively, create a predictable pattern (at least over the past three years) of attacks and retaliatory strikes by the opposing hacker groups. An uptick in such activity before and after this year’s Independence Day should not come as a surprise, the report said. Taking a closer look at the activities of the Pakistan Cyber Army (PCA), the report said it has been consistently active at least since 2007, hacking, defacing and shutting down high-profile Indian websites.


Government and private sites have been targeted by PCA including Indian Oil and Natural Gas Corporation (a Fortune 500 company), Indian Railways, the Central Bureau of Investigation, Central Bank of India, and the State Government of Kerala. In fact, investigations by Recorded Future found that PCA has been publicly posting tutorials on some of its social network groups including Facebook on how to hack or deface an Indian website.

“When we investigate the PCA’s TTPs (tactics, techniques, and procedures) to learn how they operate, we find examples like tutorials on how to set up phishing attacks as shown in this Facebook post,” the report said as it showed a snapshot of the Facebook page. “In some instances the hackers chose to identify themselves; for example, the hacker behind India’s Kerala state website defacement in September 2015 identified himself as ‘Faisal 1337’. But this is rare,” it said.

  • Published Date: February 12, 2016 3:01 PM IST