China & India In Cyber Conflict

India and China have tried to peacefully share thousands of miles of border amidst the world’s most inhospitable terrain, nestled in the Himalayan mountain range. The last military war between the two countries was in 1962, and resulted in parts of the border being declared 'in dispute' with a mutually recognised “Line of Actual Control” agreed.  

But relations between the two have deteriorated significantly in recent years and diplomacy and economic factors have been effective in preventing a repeat full-blown war. Today, cyber operations provide both countries with a potent asymmetric capability to conduct cyber surveillance and espionage.

Now "the impact of a cyber attack targeting the critical infrastructure of a country, whether for espionage or malicious activity, has the potential to be catastrophic with long-term repercussions”, says Dr. Christopher Ahlberg, CEO of Recorded Future. “We have long seen cyber efforts from China aimed around strategic policies and initiatives, and this campaign from RedEcho is no exception. Accurate and actionable intelligence is vital for preempting such attacks and proactively disrupting adversaries both within an organisation and across a nation," he added.

China is more and more dependent on information networks in all industrial aspects, including defence. Although it has a large-scale technology industry and possesses the potential to compete with the US in some, most of its core network technologies and key software and hardware are provided by US companies, whereas India’s capacity is home grown. 

Using a combination of proactive adversary infrastructure detections, domain and traffic analysis, Recorded Future’s threat research experts, the Insikt Group, has determined that a subset of the servers used share some common infrastructure tactics, techniques, and procedures with several previously reported Chinese state-sponsored groups.

Insikt Group is attributing this activity to a threat group known as RedEcho, though to be targeting 10 distinct Indian organisations in the power generation and transmission sector and two organisations in the maritime sector. Insikt Group believes the targeting of these organisations poses significant concerns over potential pre-positioning of network access to support Chinese strategic objectives.

The computer network operations targeting of strategically important organisations in India from Chinese groups will likely continue in 2021 as the nation continues to exert influence over countries that are within the sphere of their Belt and Road Initiative investment program.

The next steps for India are to have the targeted entities and those organisations with responsibility for protecting India’s national infrastructure, Indian CERT, Ministry of Power and the National Critical Information Infrastructure Protection Centre (NCIIPC) conduct a thorough cyber analysis and develop a future strategy. 

Recorded Future:      PR Newswire:     Security Boulevard:   The Wire:    Sunday Guardian:

You Might Also Read: 

Cyber Attack On A Nuclear Power Plant:

 

« How Has A Year Of Pandemic Changed Cyber Security?
New Digital Qualifications For The British Workforce »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Asavie

Asavie

Asavie provide solutions for Enterprise Mobility Management and secure IoT Connectivity.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

Metrarc

Metrarc

Metrarc has developed a ground-breaking technology called ICMetrics™ for deriving secure encryption keys from the properties of digital systems without the need to store any of the encryption keys.

Indeed

Indeed

Indeed is a worldwide employment-related search engine for job listings covering job types in all industries, including cybersecurity.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

Glocomms

Glocomms

Glocomms is a leading specialist recruitment agency for the tech sector, providing permanent, contract, and multi-hire recruitment from our global hubs in San Francisco, New York, London and Berlin.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

AdEPT Technology Group

AdEPT Technology Group

AdEPT are a managed services and telecommunications provider offering award-winning, proven and uncomplicated technical solutions for over 12,000 organisations across the UK.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.

Security Risk Advisors (SRA)

Security Risk Advisors (SRA)

Security Risk Advisors deliver cybersecurity services to leading companies in the Financial Services, Healthcare, Pharmaceuticals, Technology and Retail industries.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.