On February 28, a report published by the U.S. cyber security firm Recorded Future, prompted India to make its own announcement regarding a widespread hacking campaign against the country.
Last October, Mumbai, India’s financial capital, suffered a massive power outage that shut down thousands of businesses, dozens of trains, and left millions without power. The power outage was initially pinned on “technical glitches.” In an increasingly nationalistic country who is working to decrease its dependence on China’s supply chain and increase its international investment appeal, the power outage wasn’t just a logistical nightmare—it was also embarrassing.
Now, home minister of the state, Anil Deshmukh, is releasing information about the outage and its possible link to a wave of Trojan horse attacks and power company data transfers. Additionally, between June and October, 8GB of data from China and other nation states snuck into the servers of Indian power companies. Blacklisted IP addresses also tried to break in en masse.
Four months before the outage, Chinese and Indian troops engaged in a close-range skirmish at the border that involved bats wrapped in barbed wire, rocks, and batons. India reportedly lost 20 soldiers; China, four. The attack was the first to result in combat mortalities between the countries in 45 years.
Recorded Future’s investigation linked China with the power outage and theorizes that the attack on India’s infrastructure was both a warning and retaliation for the border skirmish. China denies the claim, saying, “It is highly irresponsible to accuse a particular party when there is no sufficient evidence around. China is firmly opposed to such irresponsible and ill-intentioned practice.”
India is taking extra measures to keep threat actors out of its infrastructure including strengthening firewalls, blacklisting additional IP addresses, and utilizing antivirus software.
Cyber attacks are a new form of warfare, both psychologically and with physical consequences, and level the playing field for nations with weaker, smaller armies. Overt strategical attacks are being traded between dueling nations. Most recently, the Biden administration is gearing up to retaliate against the Russian-led SolarWinds hack. Espionage campaigns act as attempts at a strained peace. “What you have on me, I have on you, so let’s both act responsibly.”
Related: The Future Of Cyber Security
However, the concern is that these cyber attacks are ramping up into more malicious activities, as the Indian power outage demonstrates. Cyber intrusions, whether as an act of posturing or an act of war, are often successful because of one dumbfoundingly simple tactic. A tactic that, despite its simplicity, is frustratingly difficult to fix. Phishing.
From high-ranking officials to call center employees, the data shows that phishing is successful across the board. No government or private entity is safe. Until anti-phishing campaigns are implemented successfully, cyber security issues will escalate. Best practices include:
- Employee training: Teach employees the telltale signs of phishing attempts. Encourage employees to visit the website a suspicious email is emulating as opposed to clicking on the provided link. It is important to always use caution when opening an attachment or link, even if it appears to be from a trusted source. Phishers can guess or do research on vendor partners and associates in an attempt to appear like a trusted source.
- Pen testing: Purchasing or hiring pen testing services takes the guesswork out of how to vet your employees for phishing susceptibility. These tests are customized to the size and type of business. They also include the most current phishing strategies and tactics. Even the most aware employee falls victim to phishing, so tests provide both a mirror into company weaknesses and a reality check to those who fail. It also helps to test frequently in order to ensure that employees remain diligent and to stay on top of new phishing strategies.
Read More: Incident Of The Week