March 15, 2021 5:22:22 am
There has been an exponential increase in state or state-sponsored and government-affiliated groups carrying out cyberattacks on non-government organisations such as advocacy and human rights groups as well as think tanks in India over the last one year, Mary Jo Schrade, assistant general counsel and regional lead at Microsoft Digital Crimes Unit Asia, said.
“There are probably different motive behind such attacks but that is something we have seen is increasing. We are also seeing increase in attacks on manufacturing sector. It is not clear whether it is a multi-faceted attack but you can see where the attack is happening from,” Schrade told The Indian Express. Such cyberattacks in India have over the past year adopted a two-pronged approach when it comes to targeting the non-government organisations or the manufacturing sector companies, especially in the pharmaceutical and vaccines sector, she said.
“There are two types. One is broad reaching, which is to send to everybody and see who I hook. And the other is more targeted. Like I want to know what the plans are for the electric vehicle that a company is designing in India. That would be very targeted and specifically looking at the person who has access to the information they want. This might take months to build a case to fool such person into revealing or allowing access,” Schrade said.
In India, such attacks had been observed on major pharmaceutical companies such as Dr Reddy’s Laboratories and Lupin in October and November last year, respectively. The Ministry of Electronics and Information Technology has since stepped up its efforts on monitoring and vigilance of any possible attacks on Indian companies in the vaccine, logistics, pharmaceutical and power sector, and has asked these to report “any and all major cybersecurity” incidents to the Computer Emergency Response Team (CERT-In) team every week.
Firms in the power distribution space have also been on the radar of cybercriminals. On February 28, Recorded Future published a report saying it had observed a “steep rise” in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.
It has been easier to manage and respond to such incidents in India as law enforcement agencies in the country have “the foundation” that is needed to understand the issues around cyberattacks, according to Schrade.
“We did not have to start at ground zero. They were quick to grasp. There were certainly questions as there would always be when there is a new attack vector or the way the people are carrying out these attacks,” she said, adding that information from around the world was collated by the company to help the law enforcement agencies in India.
Going ahead, botnet disruptions on companies’ networks could be the major target area of cyberattacks, she said. “The sophistication of the IoT (Internet-of-Thing) devices these days means that they can be leveraged for such attacks in the same way that the computer was used for distribution of malware or attack. These IoT devices may not have the same protection,” she said.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines
- The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.