India has moved up the ranking of countries most targeted by cloud security threats. The nation now sits right behind the United States, which holds the first position, followed by Australia, Canada and Brazil. On Monday, a new report showed that malware was the most widely used technique in reported incidents.

Cybercriminals have launched new and updated threats and tactics in campaigns targeting key sectors including government, financial services, and entertainment, as a result of the shift to a more flexible workforce during the pandemic.

Target Locked

Computerized and stylized image of a hacker

The government was the worst hit sector in the second quarter of 2021. According to the McAfee Enterprise Advanced Threat Research Report: October 2021, the number of publicly reported cyber incidents increased by 64 percent.

“Names such as REvil, Ryuk, Babuk and DarkSide have permeated into public consciousness, linked to disruptions of critical services worldwide,” he added. The sector most affected by ransomware in the second quarter of 2021 was government, followed by Telecommunications, Energy, and Media and Communications.

Spam had the highest rise in reported occurrences (250%) between the first and second quarters of 2021, followed by Malicious Script (125%), and malware (47%). Financial services were affected the most by cloud mishaps, followed by healthcare, manufacturing, retail, and professional services.

The United States had the highest number of reported incidents in the second quarter, and Europe saw the largest increase in reported incidents, at 52 per cent, the report said.

The second quarter of 2021 was a vibrant quarter for ransomware, earning its place as a high-profile cyber agenda item for the US administration following the Colonial Pipeline attack.

“In the second quarter of 2021, we continued to see the challenges of shifting cloud security to accommodate a more flexible pandemic workforce and an increased workload, which presented cybercriminals with more potential exploits and targets,” the report mentioned.


Is It Pakistan?

Stylized image of the Remote Access Trojan (RAT) tool, which was used by Pakistani hackers.

A few months ago, Pakistani hackers targeted critical energy sector infrastructure and a government organization in India with new malware, said Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies.

Attackers installed a new type of Remote Access Trojan (RAT), a program that enables covert surveillance and unauthorized access to victims’ computers. Hackers used compromised domain URLs in India.

Michael Benjamin, Vice President of Product Security at Lumen Technologies-Black Lotus Labs, said, “There were several indicators suggesting how the campaign was carried out that led us to believe that the individuals were located in Pakistan. And from the network telemetry and network visibility that we have, we were able to ascertain that the targeting was very Indian specific, focused on power companies as well as a single government entity.”

After these incidents, conspiracy theories began to spread, such as Pakistan stealing money by hacking the bank accounts of Indian citizens, and Pakistan trying to wage a war with India.

Whether these theories are true has not yet been proven, but some investigations found that some of the hackers breaking into the bank accounts of Indian citizens were Indian themselves.

Is It China?

Stylized image of the Chinese hackers' group TAG28

A private US-based cybersecurity firm said a few weeks ago that it found evidence that an Indian media conglomerate, as well as a police agency and the country’s national identification database, were hacked, likely by a government-sponsored Chinese group.

Insikt Group, the Massachusetts-based Recorded Future threat research division, said the hacking group, temporarily called TAG28, used Winnti malware, which is exclusively shared by various Chinese government-sponsored activity groups.

Chinese authorities have consistently denied any form of government-sponsored hacking, stating that China itself is a prime target of cyberattacks.

The allegation could escalate tensions between the two regional giants, whose relations are already strained due to a border dispute that sparked clashes this year and last.

In its report, the Insikt Group suggested that the cyberattack could be related to these border tensions.

“As of early August 2021, Recorded Future data shows a 261% increase in the number of suspected state-sponsored Chinese cyber operations targeting Indian organizations and companies already in 2021 compared to 2020,” the organization said in its report.


A conceptual image of a grenade, foretelling that a cyberwar awaits the world.

An Advanced Persistent Threat (APT) group, targeting primarily Indian military personnel, has stepped up its activities this year.

First discovered by antivirus maker Quick Heal in 2020, the group has expanded its operations and its arsenal of infection techniques, targeting government officials and the Kavach application, created by the National Informatics Centre (NIC) to access government email.

The APT group called SideCopy has expanded its arsenal with new Remote Access Trojans (RATs), according to intelligence group Cisco Talos. Talos observed “expansion in activity” in the group’s malware campaigns targeting companies in India. APT groups are groups of hackers, usually backed by states, that target countries’ infrastructure, national security mechanisms, etc.

In 2020, APT groups were found operating from Saudi Arabia and Kazakhstan. But the possibility remains, and cybersecurity experts focus more on it: what if these hackers were from India?

Building a system that cannot be hacked is more important than trying to locate the hacker. The conspiracies will remain, as will the facts. Is a nation planning something against us? What if we are planning something against another nation? 

These questions may not be answered, but Internet caution can prevent you from being hacked.


Sources: National Herald, India Today, Economic Times

Connect with the Blogger: Debanjan Dasgupta
