China & India In Cyber Conflict

Uploaded on 2021-04-02 in INTELLIGENCE--International, FREE TO VIEW, INTELLIGENCE-Hot Spots-China

India and China have tried to peacefully share thousands of miles of border amidst the world’s most inhospitable terrain, nestled in the Himalayan mountain range. The last military war between the two countries was in 1962, and resulted in parts of the border being declared 'in dispute' with a mutually recognised “Line of Actual Control” agreed.  

But relations between the two have deteriorated significantly in recent years and diplomacy and economic factors have been effective in preventing a repeat full-blown war. Today, cyber operations provide both countries with a potent asymmetric capability to conduct cyber surveillance and espionage.

Now "the impact of a cyber attack targeting the critical infrastructure of a country, whether for espionage or malicious activity, has the potential to be catastrophic with long-term repercussions”, says Dr. Christopher Ahlberg, CEO of Recorded Future. “We have long seen cyber efforts from China aimed around strategic policies and initiatives, and this campaign from RedEcho is no exception. Accurate and actionable intelligence is vital for preempting such attacks and proactively disrupting adversaries both within an organisation and across a nation," he added.

China is more and more dependent on information networks in all industrial aspects, including defence. Although it has a large-scale technology industry and possesses the potential to compete with the US in some, most of its core network technologies and key software and hardware are provided by US companies, whereas India’s capacity is home grown. 

Using a combination of proactive adversary infrastructure detections, domain and traffic analysis, Recorded Future’s threat research experts, the Insikt Group, has determined that a subset of the servers used share some common infrastructure tactics, techniques, and procedures with several previously reported Chinese state-sponsored groups.

Insikt Group is attributing this activity to a threat group known as RedEcho, though to be targeting 10 distinct Indian organisations in the power generation and transmission sector and two organisations in the maritime sector. Insikt Group believes the targeting of these organisations poses significant concerns over potential pre-positioning of network access to support Chinese strategic objectives.

The computer network operations targeting of strategically important organisations in India from Chinese groups will likely continue in 2021 as the nation continues to exert influence over countries that are within the sphere of their Belt and Road Initiative investment program.

The next steps for India are to have the targeted entities and those organisations with responsibility for protecting India’s national infrastructure, Indian CERT, Ministry of Power and the National Critical Information Infrastructure Protection Centre (NCIIPC) conduct a thorough cyber analysis and develop a future strategy. 

Recorded Future:      PR Newswire:     Security Boulevard:   The Wire:    Sunday Guardian:

You Might Also Read: 

Cyber Attack On A Nuclear Power Plant:

 

« How Has A Year Of Pandemic Changed Cyber Security?
New Digital Qualifications For The British Workforce »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Fuel Recruitment

Fuel Recruitment

Fuel Recruitment is a specialist recruitment company for the IT, Telecoms, Engineering, Consulting and Marketing industries.

Information Security Media Group (ISMG)

Information Security Media Group (ISMG)

Information Security Media Group is the world’s largest media organization devoted solely to information security and risk management.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

Allgress

Allgress

Allgress solutions converge disparate risk silos across enterprise networks and automate governance, risk and compliance management processes.

ITonlinelearning

ITonlinelearning

ITonlinelearning specialises in providing professional certification courses to help aspiring and seasoned IT professionals develop their careers.

Ordr

Ordr

Ordr Systems Control Engine. The first actionable AI-based systems control engine for the hyper-connected enterprise. You’re in control.

DataTribe

DataTribe

DataTribe is a cyber startup foundry, leveraging deep experience and expertise to build and launch successful product companies.

Eaton

Eaton

Eaton provides comprehensive cybersecurity services for operational technology (OT) to help keep your operations and personnel safe.

Crown Sterling

Crown Sterling

Crown Sterling delivers next generation software-based, AI-driven cryptography in the form of random number generators and encryption products.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

Apura Cybersecurity Intelligence

Apura Cybersecurity Intelligence

Apura is a Brazilian company that develops advanced products and provides specialized services in information security and cyber defense.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

HYCU

HYCU

HYCU was born of the need to simplify data protection and provide equivalent levels of backup and recovery support across on premises, public cloud, and SaaS workloads.

Zynap

Zynap

Zynap is an Advanced AI-powered SaaS platform replicating cybercriminal tactics to predict, detect, and neutralize threats before they strike.