China & India In Cyber Conflict

Uploaded on 2021-04-02 in INTELLIGENCE--International, FREE TO VIEW, INTELLIGENCE-Hot Spots-China

India and China have tried to peacefully share thousands of miles of border amidst the world’s most inhospitable terrain, nestled in the Himalayan mountain range. The last military war between the two countries was in 1962, and resulted in parts of the border being declared 'in dispute' with a mutually recognised “Line of Actual Control” agreed.  

But relations between the two have deteriorated significantly in recent years and diplomacy and economic factors have been effective in preventing a repeat full-blown war. Today, cyber operations provide both countries with a potent asymmetric capability to conduct cyber surveillance and espionage.

Now "the impact of a cyber attack targeting the critical infrastructure of a country, whether for espionage or malicious activity, has the potential to be catastrophic with long-term repercussions”, says Dr. Christopher Ahlberg, CEO of Recorded Future. “We have long seen cyber efforts from China aimed around strategic policies and initiatives, and this campaign from RedEcho is no exception. Accurate and actionable intelligence is vital for preempting such attacks and proactively disrupting adversaries both within an organisation and across a nation," he added.

China is more and more dependent on information networks in all industrial aspects, including defence. Although it has a large-scale technology industry and possesses the potential to compete with the US in some, most of its core network technologies and key software and hardware are provided by US companies, whereas India’s capacity is home grown. 

Using a combination of proactive adversary infrastructure detections, domain and traffic analysis, Recorded Future’s threat research experts, the Insikt Group, has determined that a subset of the servers used share some common infrastructure tactics, techniques, and procedures with several previously reported Chinese state-sponsored groups.

Insikt Group is attributing this activity to a threat group known as RedEcho, though to be targeting 10 distinct Indian organisations in the power generation and transmission sector and two organisations in the maritime sector. Insikt Group believes the targeting of these organisations poses significant concerns over potential pre-positioning of network access to support Chinese strategic objectives.

The computer network operations targeting of strategically important organisations in India from Chinese groups will likely continue in 2021 as the nation continues to exert influence over countries that are within the sphere of their Belt and Road Initiative investment program.

The next steps for India are to have the targeted entities and those organisations with responsibility for protecting India’s national infrastructure, Indian CERT, Ministry of Power and the National Critical Information Infrastructure Protection Centre (NCIIPC) conduct a thorough cyber analysis and develop a future strategy. 

Recorded Future:      PR Newswire:     Security Boulevard:   The Wire:    Sunday Guardian:

You Might Also Read: 

Cyber Attack On A Nuclear Power Plant:

 

« How Has A Year Of Pandemic Changed Cyber Security?
New Digital Qualifications For The British Workforce »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

StackHawk

StackHawk

StackHawk is built to help dev teams ship secure code. Find and fix bugs early before they become vulnerabilities in production.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Cyber Proud

Cyber Proud

Cyber proud is leading a talent revolution to promote and create an inclusive skilled cyber workforce.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

NoviFlow

NoviFlow

NoviFlow is a leading provider of terabit networking software solutions for Communication Service Providers (CSPs).

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.

Velotix

Velotix

Velotix empowers organizations to maximize the value of their data while ensuring security and compliance in a rapidly evolving regulatory landscape.

Mesh Security

Mesh Security

Mesh Security transforms security data, tools, and infra for enterprise-wide visibility and control.

Cyvore Security

Cyvore Security

Cyvore combines cutting-edge AI, machine learning, and behavioral analytics to detect, investigate, and neutralize threats before they compromise your organization.