Home » News » India » How Pakistan cyber snoopers use trojans to target Indian defence personnel
2-MIN READ

How Pakistan cyber snoopers use trojans to target Indian defence personnel

How Pakistan cyber snoopers use trojans to target Indian defence personnel

Singapore-based cyber security company FireEye has done a detailed investigation into the attack on Indian defence personnel by cyber attackers.

New Delhi: Not just smartphone apps, Pakistan's cyber snoopers were also using remote access trojans and other malware to target Indian military personnel, more details from a CNN-IBN investigation has shown.

Two emails with remote access trojans (RAT) were sent to two Indian defence attaches in Kazakhstan and Saudi Arabia. Both the emails were sent on February 11, soon after the terror attack on the Indian Air Force base at Pathankot.

They originated from the same IP address and web hosting service. Catchy news headlines, photographs and blog links were being used to send trojans. The server has since been shut down after India registered its complaint.

Singapore-based cyber security company FireEye has done a detailed investigation into the attack on Indian defence personnel by cyber attackers. Based on their findings, the Chief Technical Officer Asia Pacific at FireEye, Bryce Boland, claims that there has been an increase in cyber attacks due to political tensions and economic developments across Asia including South Asia. "There is a consistent attack pattern targeting military, government and economic interests in India and also Pakistan," he said.

Explaining how attacks on Indian military personnel are being planned, he said that such outfits use lures such as fake websites, fake news and fake profiles, fake news on military activities and attacks on defence bases. This fake information is used to develop malware and is deployed to government computers to target military personnel. He also added that email spear fishing is a common tactic used to target army personnel.

Boland also maintained that these groups are targeting many other organisations. The probe also revealed that the toolset that they have been using is not new but is being used by them since September 2013. The latest codes used by these groups has been traced to January.

While the government is giving a lot of emphasis on Digital India, Boland claimed most organisations in the country are unable to detect these attacks. "There is a need for specific softwares to analyse the behaviour of applications and websites. Most organisations hold on to old techniques like firewalls and anti-virus for protection. But the attackers have moved on and use new methods which makes the companies vulnerable," he said.

Meanwhile, after details of Pakistan snooping on Indian soldiers using Facebook and mobile apps emerged, the Army issued a new advisory of dos and don'ts to all its commands which are to be followed by soldiers while they are using the Internet and mobile. Even as former president APJ Abdul Kalam had warned of cyber warfare in 2009, the country's plans of upgrading its cyber security architecture remained in cold storage. A CNN-IBN expose had revealed how Pakistan was using spyware to keep a tab on Indian soldiers.

The Army had issued an advisory earlier as well asking the soldier to stay away from the Internet. The personnel have been asked not to watch porn on Facebook or social networking sites, not use photos in uniform as profile picture on WhatsApp, Facebook etc.

first published:March 16, 2016, 21:44 IST