...
...
Next Story

Second cyber attack in 4 months hits government

Even as India is trying to figure out the extent of damage caused by the ‘Red October’ cyber espionage programme detected in March, another attack has been detected. Sanjib Kr Baruah reports.

Updated on: Jun 09, 2013 10:10 AM IST
Hindustan Times | By
Prefer HTon Google
Advertisement

Even as India is trying to figure out the extent of damage caused by the ‘Red October’ cyber espionage programme detected in March, another attack has been detected.

HT Image
HT Image

The recent hacking attack, till now, has stolen at least 22 GB of data, including secret documents from high-profile Indian establishments. And what’s worse — the attack might still be on.

Exposing India as increasingly vulnerable to cyber attacks, a malicious programme called NetTraveler a.k.a Travnet has been infecting its cyber systems since 2004.

The victims number at least 40 and include ministries, embassies, military and scientific institutes, aerospace research, IT companies, financial organisations, media organisations, and even small private companies.

The attack was detected by Russian cyber security laboratory Kaspersky which was one of the entities to have closely collaborated with India’s technical intelligence wing National Technical Research Organisation (NTRO) and private cyber security experts in detecting the ‘Red October’ attack.

“Attackers have been able to steal about 22 GB of documents (in India). But it is really a tip of the iceberg. The real data may be many times bigger,” a Kaspersky representative told HT.

The largest number of attacks took place from 2010 to 2013.

From sketchy details that the authorities pieced together, it seems that the command and control centres of the hacking group are concentrated in Hong Kong, China and the US.

Although nothing is conclusive at this point of time, it is believed that the attackers belong to a Chinese hacking group. “We don’t know the details, who might be behind this. The objective is to steal documents and then sift through to find the useful intelligence…probably to sell in the black market,” the representative said.

An interesting aspect is that in several cases, the NetTraveler attacks overlapped with the attacks by the ‘Red October’ programme which had, among others, targeted the Defence Research and Development Organisation (DRDO) and hacked e-mail accounts of its senior scientists and stolen top secret military data.

“...We estimate the (hackers’) group size to about 50 individuals, most of whom speak Chinese natively and has knowledge of English language.”

 
Check India news real-time updates, latest news on Hindustan Times and more across India.
Check India news real-time updates, latest news on Hindustan Times and more across India.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe