Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report

Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report

SUMMARY

The group, RedAlpha, has also consistently spoofed login pages for India’s NIC, which manages wider IT infrastructure and services for the Indian government: Report

Cybersecurity firm Recorded Future also found a fake email login page resembling the webpage of the NIC’s email service

The group targeted organisations across the globe, including Taiwan’s Democratic Progressive Party and ministries of foreign affairs of multiple countries

Chinese government-backed hackers allegedly targeted India’s National Informatics Centre (NIC) in a cyberattack, according to a report released by cybersecurity firm Recorded Future. 

NIC manages the information technology (IT) infrastructure of the Indian government.

“The group has also consistently spoofed login pages for India’s National Informatics Centre (NIC), which manages wider IT infrastructure and services for the Indian government,” the report said.

The cybersecurity firm also found a fake email login page resembling the webpage of the NIC’s email service. NIC’s webmail service is reserved for all union ministers, parliamentarians as well as key officials of the central government.

The attack was allegedly the handiwork of a group called RedAlpha and targeted a slew of humanitarian and government organisations including Amnesty International, Taiwan’s Democratic Progressive Party and ministries of foreign affairs in multiple countries.

The attacks were largely marked by the use of large numbers of domains typosquatting as the web addresses of these organisations. Typosquatting refers to deliberate use of misspelling of uniform resource locators (URLs) to enable hackers to undertake theft of confidential user login data.

NIC was the seventh largest victim of the spoofing attacks. More than 10 typosquat domains deployed by RedAlpha were uncovered by the firm.  

“Since at least 2015, RedAlpha has consistently registered and weaponised large amounts of domains for use in credential-theft campaigns. These domains typically imitate well-known email service providers and spoof specific organisations that are either directly targeted in RedAlpha activity or that can be used to impersonate those organisations in activity targeting proximate organisations and individuals,” the report said, underlining the modus operandi of the group. 

A user unaware of the spoofing could enter his credentials, thereby, compromising the security of the overall system. 

The report adds to the growing hostilities between India and China. In the recent past, Chinese state-backed hackers have also tried to break into critical government installations. In April, it was reported that Chinese cyber attackers broke into a network of seven power grid hubs in north India, including Ladakh. The government then claimed that the ploy was foiled by the authorities.

In December last year, it was reported that the Intelligence Bureau (IB) warned authorities that hackers from China, Pakistan and North Korea were on the lookout to hack systems related to India’s nuclear and defence production.

Last month, the union government informed the Parliament that the Indian Computer Emergency Response Team (CERT-In) reported more than 6.74 Lakh cybersecurity incidents till June this year.

In April this year, authorities also stated that more than 600 social media accounts of the central government were hacked in the last five years.

You have reached your limit of free stories
Unlock The Ultimate Startup Intelligence With Inc42 Plus

Join 10,000+ Startup Founders & Leaders And Gain The Ultimate Startup Edge

Prices Increases In
countdownmail.com
2 YEAR PLAN
₹19999
₹5999
₹249/Month
UNLOCK 70% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹3499
₹291/Month
UNLOCK 65% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report-Inc42 Media
Chinese State-Backed Hackers Targeted India’s NIC In Cyberattacks: Report-Inc42 Media
You’re in Good company