According to a report sent to the National Security Council Secretariat (NSCS) and other security agencies by a specific department of the Ministry of Electronics and Information Technology reveals that the majority of cyber-attacks on authorized Indian websites are from China, US and Russia.
The report also highlighted the possibility of “malicious actors from Pakistan using German and Canadian cyberspace for intruding into Indian cyberspace and carrying out malicious activities”.
The Indian Computer Emergency Response Team (CERT-In), which comes under the ministry; has prepared the report which studied and investigated the roots of cyber-attacks from April-June 2018.
The nodal agency CERT-In is the body that tackles cyber security threats like hacking and phishing. Its primary function is to collect, analyse and disseminate information on “cyber incidents” along side issuing warnings pertaining to “cyber security incidents”.
The report states that it has been detected that China continues to “intrude” Indian cyber space in a “significant” way. “The cyber attacks from China made up 35% of the total number of cyber-attacks on official Indian websites, followed by US (17%), Russia (15%), Pakistan (9%), Canada (7%) and Germany (5%),” says the report.
“Many of the institutions impacted by the malicious activities have been identified, and they have been advised to take appropriate preventive action. These include Oil and Natural Gas Corporation (ONGC), National Informatics Centre (NIC), Indian Railway Catering and Tourism Corporation (IRCTC), Railways, Centre for Railway Information Systems (CRIS) and some banks like Punjab National Bank, Oriental Bank of Commerce, State Bank of India and state data centres, particularly in Maharashtra, Madhya Pradesh and Karnataka,” the report says.
“The activities relating to intruding into the cyber space are being regularly monitored. China continues to be intruding the cyber space in a significant way followed by the US and Russia. It has also been observed that intruding activities are coming from Canadian and German cyberspace — most possibly suspected to have originated from Pakistan actors to target Indian websites,” the report adds.
“They are targeting by sending spear phishing emails with malware attachments. Phishing attacks are usually in the form of an email from a trusted source where they ask for personal details such as bank details personal details, passwords,” says a cyber security official.