New group cyber china takes aim at the electric networks of India near to Ladakh, a ratio of RecordedFuture
We are all well aware of the fact that cyber warfare and campaigns of misinformation on social media efforts are fundamental to the purpose of the China to gain control of their own supremacy dictatorial.
TAG-38, and the attack on the Indian Power Grid Org
The power and the propaganda of offensive computing have been deeply rooted in the approach of China to beat rivals abroad. Recently, the indian firm of the electricity network has become the target of a group of cybercriminal chinese known as TAG-38.
The research report Insikt has revealed a campaign of hacking that is managed by a group of malicious state-sponsored chinese and took aim l’Indian Power Grid Organisationthe majority of cyber attacks has led to the use of ShadowPad backdoor (malicious software to property/development, TAG-38). The attack activity has been detected thanks to a combination of a wide automated analysis of network traffic with a manual scan.
From this analysis, it was revealed that the attack on the Indian Power Grid is the first operation of this group APT chinese, as a result of the new composition.
India is not a target
In the last 18 years, the indian region has been targeted by APT chinese. There are several cases that justify these claims. In February 2021 RedEcho, a “sophisticated” criminal group linked to China, beset by 10 india in the energy sector and two in the maritime sector. The attack targeted “only” the NTPC (National Thermal Power Corporation), the state-owned, the biggest energy company in india. Hackers have used a backdoor modular named ShadowPad for the cyber-attack. Cyber attacks are increased with the increase of tensions between India and China in the wake of the battle in the valley, Galwan.
In 2021, came to the fore another news regarding the group of cyber espionage the chinese that has targeted victims from India. It security researchers have analyzed that theAPT 41 (another group of threats, state-sponsored chinese) is engaged in the business of espionage and crime motivated financially, the group of threats from china, has been targeting organizations such as travel, telecommunications, health care, news and education. It was found that the groups of espionage, the chinese have used phishing emails to gain access to their victims.
The defense in cyberspace
In order to protect his nation and intensify its offensive capabilities, India has also launched various attacks against the chinese nation. According to the report of Forcepoint, in December 2015 it was launched a cyber campaign by the company's cyber intelligence Phronesis based in India, directly target chinese citizens of different sectors and administrative agencies in south Asia. It turned out that it was a cyber attack sponsored by the state in which they were used 170 malicious documents and 4 families of malware distinct.
In 2019, the team Anomalous Threat Research has reported another phishing campaign of the group BITTER APTlikely to implement cyber attacks against government agencies of the people's Republic of china. Phishing attacks exploit the counterfeit sites designed to steal the credentials of the e-mail to target victims within the chinese administration.
Therefore, we can say that indian companies cyber intelligence are emerging as a superpower in the domain of cyber offensive, because the indian nation are competing at their best to defeat her great rival geo-political: China.