
Published 19:19 IST, November 5th 2019

Researchers identify Chinese group behind cyberattacks on India

Security researchers have identified a Chinese hacking group that stole confidential data by attacking governments, including India's.

Reported by: Aanchal Nigam

Security researchers have identified the Chinese hacking group that stole confidential data by attacking government organizations in six countries, including India. Governments in India, Brazil, Kazakhstan, Russia, Thailand, and Turkey suffered damage from the group, the Calypso Advanced Persistent Threat group, which has reportedly been active since 2016. According to the investigation, the group hacks the network perimeter and then injects a special programme to gain further access to the victim's internal network.


Attackers moved along the network

The investigation also revealed that the group moves along the network either by exploiting a remote code execution vulnerability (MS17-010) or by using stolen credentials. Denis Kuvshinov, Lead Specialist in Threat Analysis at Positive Technologies, reportedly said that the group's attacks succeeded because most of the utilities the attackers use inside the network are also used by specialists everywhere for network administration. The group therefore used publicly available tools and 'exploited' them to infect computers.


Taking advantage of Iran cyber-espionage

British and United States officials said in October that Russian hackers took advantage of an Iranian cyber-espionage operation to attack government and industry organizations in dozens of countries while pretending to be attackers from the Islamic State. The Russian group, known as “Turla” and accused by Estonian and Czech authorities of operating on behalf of the Russian security services, used Iranian tools and computer infrastructure to hack into organizations in nearly 20 different countries over the last 18 months. The Turla attack was exposed in a joint publication by the UK's National Cyber Security Centre and the US National Security Agency, which also revealed that the majority of the group's victims were in the Middle East and that the group had even viewed documents extracted from various sectors and governments.


(With inputs from agencies)

Updated 20:27 IST, November 5th 2019