According to chatter uncovered on the dark web by cybersecurity research firm Cyfirma, Chinese state-sponsored hacker groups could target Indian businesses and government establishments.
“The whisperings in the dark web and hackers’ forums have increased in volume and intensity with actual mentions of Indian targets. When we observed that IoCs (indicators of compromise) were shared, we immediately knew that the threat could be imminent,” reportedly said Kumar Ritesh, Founder-CEO of Cyfirma.
According to the cybersecurity firm, plans are afoot to steal sensitive data like trade secrets, launch denial of service attacks and deface websites or launch malicious phishing campaigns targeting Indian government websites and companies in the telecommunications, pharma, smartphone and construction industries.
Companies including Reliance Jio Infocomm, Bharti Airtel, L&T, Apollo Tyres, Micromax, Sun Pharma and Cipla could be targeted, along with defence, external affairs and information and broadcasting ministries. Some media houses such as Times of India and Hindustan Times were also named as targets.
Cyfirma said it had alerted the organisations mentioned in these chats, as well as CERT-In.
Meanwhile, the Reserve Bank of India (RBI) has issued a warning to ensure safety while transacting online. “In recent days there are reports of users falling prey to fraudsters who are luring them on fictitious pretexts, such as alleged completion of KYC requirements, impersonating identities and websites of banks and payment system operators, etc,” the central bank said in a statement.
RBI has thereby asked consumers to not share OTP, PIN to and other secure financial details in person or through any public networks. Furthermore, consumers have also been asked not to carry these details in the physical form as well in their wallets or pockets.
“Safety and security of digital transactions are of paramount importance to their users. The Reserve Bank has put in place many mechanisms to ensure the same by continuously and actively undertaking digital awareness campaigns,” RBI said.
Similarly, K7 Computing’s, Cyber Threat Monitor Report for Q4 2019-20 found that among Tier 1 cities, Chennai, Bengaluru, Hyderabad and Kolkata recorded the highest rate of infections, while among the Tier-II cities, Patna registered the highest infection rate at 38% followed by Guwahati, Jammu and Bhubaneswar. These attacks were designed to exploit user trust and scam people for financial gains. In Tier-I cities, threat actors predominantly targeted SMEs by exploiting vulnerabilities caused by the sudden shift to working from home and SMEs still being ill-equipped to handle cyberattacks.
Experts at K7 Labs predict that the number of Covid-19 themed attacks and complex Trojan attacks will continue to increase in the next quarter. This will be further exacerbated by the increase in threats from amateur attackers who purchase malware-related services to launch attacks at various individual and enterprise targets.