What's new

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

Zarvan

ELITE MEMBER
Joined
Apr 28, 2011
Messages
54,470
Reaction score
87
Country
Pakistan
Location
Pakistan
Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

According to Micheal Benjamin, head of Black Lotus Labs, threat intelligence arm of US-based Lumen Technologies, Pak-based hackers targeted the power sector and one government organisation in India earlier this year using new malware--Remote Access Trojan (RAT).

ADVERTISEMENT


Ankit Kumar
New DelhiJuly 13, 2021UPDATED: July 13, 2021 18:50 IST
[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs

[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs (Photo Credits: Getty Images)


Pakistan-based hackers targeted critical infrastructure of the power sector and one government organisation in India earlier this year using a new malware, said Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies.


The attackers installed a new kind of Remote Access Trojan (RAT) a program that enables covert surveillance and unauthorised access to victim’s computers. The hackers used India-based compromised domain URLs.

Speaking exclusively to India Today TV, Micheal Benjamin, Vice President of Product Security at Lumen Technologies-Black Lotus Labs, said, “There were a number of indicators suggesting how the campaign was carried out that led us to believe that the individuals were located in Pakistan. And from the network telemetry and network visibility that we have, we were able to ascertain that the targeting was very Indian specific, focused on power companies as well as a single government entity.”
READ: Ransomware hits hundreds of US companies, security firm says

RAT gave the attackers access to the IT network of the power companies, but it is not known if the Operations Technology (OT) networks, used for running the power operations, were affected or not, Benjamin said.


The cyber attack suggests that the attackers, “with operational infrastructure hosted in Pakistan”, used forged PDF communication related to Covid-19 vaccination.


The IP address assigned to the hacker groups belongs to Pakistani mobile data operator CMPak Limited, popularly known as Zong 4G in Pakistan. The mobile operator is a 100 percent owned subsidiary of China Mobile Communications Corporation.
PIC-x249.PNG

(Forged vaccination document used in the attack. Source: Lumen Technologies)

Different from Chinese cyber attacks
Benjamin said the recent development lacked the characteristics of a Chinese state-sponsored cyber attack and any perceived overlap with Chinese groups was extremely unlikely in this case.

Earlier this year, a cybersecurity company based in Massachusetts claimed a Chinese hacker group targeted India's power sector organisations in 2020, when tensions between the two countries were high due to the border standoff.

“Some of the mechanisms that were used here, as well as the way the actors failed to hide themselves, did not match the sophistication we typically see with state-sponsored Chinese actors. So, I would separate these actor groups,” he clarified.
Past activities of these attackers suggest that those involved in this case focused mostly on India, Benjamin said.
ALSO READ: India a third-tier country in cyber warfare capabilities, report says US more powerful than China

Cyber attacks in Afghanistan
A Pakistan-based hacker network also targeted and compromised infrastructures in Afghanistan through a similar delivery mechanism. However, the number of compromised entities in Afghanistan is lower than that of India.

According to the Lumen report, the attacks successfully compromised the IT networks of at least one power transmission organisation, one power generation and transmission organisation and one government organisation.

Headquartered in Monroe, Louisiana, US, Lumen Technologies offers services like communications, network services, security, cloud solutions to businesses, the public sector and governments in more than 60 countries.

A recent report by the International Institute for Strategic Studies (IISS) found that India had made only modest progress in developing cyber security doctrine. The report positioned India among third-tier countries on a spectrum of cyber warfare capabilities.
ADVERTISEMENT

ALSO READ: Without naming China or Pakistan, India raises issue of cyber attacks at UNSC debate
ALSO READ: Cyber attack against US IT provider forces Swedish chain to close 800 stores


Click here for IndiaToday.in’s complete coverage of the coronavirus pandemic.

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive - India News (indiatoday.in)
 
this is not good. it will start a hacking war

wait for a week and you will see they reply in attacking our power sector
 
Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

According to Micheal Benjamin, head of Black Lotus Labs, threat intelligence arm of US-based Lumen Technologies, Pak-based hackers targeted the power sector and one government organisation in India earlier this year using new malware--Remote Access Trojan (RAT).

ADVERTISEMENT


Ankit Kumar
New DelhiJuly 13, 2021UPDATED: July 13, 2021 18:50 IST
[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs

[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs (Photo Credits: Getty Images)


Pakistan-based hackers targeted critical infrastructure of the power sector and one government organisation in India earlier this year using a new malware, said Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies.


The attackers installed a new kind of Remote Access Trojan (RAT) a program that enables covert surveillance and unauthorised access to victim’s computers. The hackers used India-based compromised domain URLs.

Speaking exclusively to India Today TV, Micheal Benjamin, Vice President of Product Security at Lumen Technologies-Black Lotus Labs, said, “There were a number of indicators suggesting how the campaign was carried out that led us to believe that the individuals were located in Pakistan. And from the network telemetry and network visibility that we have, we were able to ascertain that the targeting was very Indian specific, focused on power companies as well as a single government entity.”
READ: Ransomware hits hundreds of US companies, security firm says

RAT gave the attackers access to the IT network of the power companies, but it is not known if the Operations Technology (OT) networks, used for running the power operations, were affected or not, Benjamin said.


The cyber attack suggests that the attackers, “with operational infrastructure hosted in Pakistan”, used forged PDF communication related to Covid-19 vaccination.


The IP address assigned to the hacker groups belongs to Pakistani mobile data operator CMPak Limited, popularly known as Zong 4G in Pakistan. The mobile operator is a 100 percent owned subsidiary of China Mobile Communications Corporation.
PIC-x249.PNG

(Forged vaccination document used in the attack. Source: Lumen Technologies)

Different from Chinese cyber attacks
Benjamin said the recent development lacked the characteristics of a Chinese state-sponsored cyber attack and any perceived overlap with Chinese groups was extremely unlikely in this case.

Earlier this year, a cybersecurity company based in Massachusetts claimed a Chinese hacker group targeted India's power sector organisations in 2020, when tensions between the two countries were high due to the border standoff.

“Some of the mechanisms that were used here, as well as the way the actors failed to hide themselves, did not match the sophistication we typically see with state-sponsored Chinese actors. So, I would separate these actor groups,” he clarified.
Past activities of these attackers suggest that those involved in this case focused mostly on India, Benjamin said.
ALSO READ: India a third-tier country in cyber warfare capabilities, report says US more powerful than China

Cyber attacks in Afghanistan
A Pakistan-based hacker network also targeted and compromised infrastructures in Afghanistan through a similar delivery mechanism. However, the number of compromised entities in Afghanistan is lower than that of India.

According to the Lumen report, the attacks successfully compromised the IT networks of at least one power transmission organisation, one power generation and transmission organisation and one government organisation.

Headquartered in Monroe, Louisiana, US, Lumen Technologies offers services like communications, network services, security, cloud solutions to businesses, the public sector and governments in more than 60 countries.

A recent report by the International Institute for Strategic Studies (IISS) found that India had made only modest progress in developing cyber security doctrine. The report positioned India among third-tier countries on a spectrum of cyber warfare capabilities.
ADVERTISEMENT

ALSO READ: Without naming China or Pakistan, India raises issue of cyber attacks at UNSC debate
ALSO READ: Cyber attack against US IT provider forces Swedish chain to close 800 stores


Click here for IndiaToday.in’s complete coverage of the coronavirus pandemic.

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive - India News (indiatoday.in)
1 1 1 sab jaga 1 dal diya
 
this is not good. it will start a hacking war

wait for a week and you will see they reply in attacking our power sector
Then have better protection against attacks.
Why is our power sector connected to the Internet?

I have always wondered why Iran nuclear planst are connected to the Internet
 
And that's coming from mother of fake news Factory called India. If Modi can kill 48 of military soldiers in Pulwama for his gians, you have no idea how low he can go to blame Pakistan.
 
Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive

According to Micheal Benjamin, head of Black Lotus Labs, threat intelligence arm of US-based Lumen Technologies, Pak-based hackers targeted the power sector and one government organisation in India earlier this year using new malware--Remote Access Trojan (RAT).

ADVERTISEMENT


Ankit Kumar
New DelhiJuly 13, 2021UPDATED: July 13, 2021 18:50 IST
[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs

[Representative image] Attackers installed a new kind of Remote Access Trojan, said Black Lotus Labs (Photo Credits: Getty Images)


Pakistan-based hackers targeted critical infrastructure of the power sector and one government organisation in India earlier this year using a new malware, said Black Lotus Labs, a threat intelligence arm of US-based Lumen Technologies.


The attackers installed a new kind of Remote Access Trojan (RAT) a program that enables covert surveillance and unauthorised access to victim’s computers. The hackers used India-based compromised domain URLs.

Speaking exclusively to India Today TV, Micheal Benjamin, Vice President of Product Security at Lumen Technologies-Black Lotus Labs, said, “There were a number of indicators suggesting how the campaign was carried out that led us to believe that the individuals were located in Pakistan. And from the network telemetry and network visibility that we have, we were able to ascertain that the targeting was very Indian specific, focused on power companies as well as a single government entity.”
READ: Ransomware hits hundreds of US companies, security firm says

RAT gave the attackers access to the IT network of the power companies, but it is not known if the Operations Technology (OT) networks, used for running the power operations, were affected or not, Benjamin said.


The cyber attack suggests that the attackers, “with operational infrastructure hosted in Pakistan”, used forged PDF communication related to Covid-19 vaccination.


The IP address assigned to the hacker groups belongs to Pakistani mobile data operator CMPak Limited, popularly known as Zong 4G in Pakistan. The mobile operator is a 100 percent owned subsidiary of China Mobile Communications Corporation.
PIC-x249.PNG

(Forged vaccination document used in the attack. Source: Lumen Technologies)

Different from Chinese cyber attacks
Benjamin said the recent development lacked the characteristics of a Chinese state-sponsored cyber attack and any perceived overlap with Chinese groups was extremely unlikely in this case.

Earlier this year, a cybersecurity company based in Massachusetts claimed a Chinese hacker group targeted India's power sector organisations in 2020, when tensions between the two countries were high due to the border standoff.

“Some of the mechanisms that were used here, as well as the way the actors failed to hide themselves, did not match the sophistication we typically see with state-sponsored Chinese actors. So, I would separate these actor groups,” he clarified.
Past activities of these attackers suggest that those involved in this case focused mostly on India, Benjamin said.
ALSO READ: India a third-tier country in cyber warfare capabilities, report says US more powerful than China

Cyber attacks in Afghanistan
A Pakistan-based hacker network also targeted and compromised infrastructures in Afghanistan through a similar delivery mechanism. However, the number of compromised entities in Afghanistan is lower than that of India.

According to the Lumen report, the attacks successfully compromised the IT networks of at least one power transmission organisation, one power generation and transmission organisation and one government organisation.

Headquartered in Monroe, Louisiana, US, Lumen Technologies offers services like communications, network services, security, cloud solutions to businesses, the public sector and governments in more than 60 countries.

A recent report by the International Institute for Strategic Studies (IISS) found that India had made only modest progress in developing cyber security doctrine. The report positioned India among third-tier countries on a spectrum of cyber warfare capabilities.
ADVERTISEMENT

ALSO READ: Without naming China or Pakistan, India raises issue of cyber attacks at UNSC debate
ALSO READ: Cyber attack against US IT provider forces Swedish chain to close 800 stores


Click here for IndiaToday.in’s complete coverage of the coronavirus pandemic.

Pakistan-based hackers targeted power sector, govt organisation in India this year | Exclusive - India News (indiatoday.in)
I call it chawal. Bilawajah ki bakwasbazi. Chittar lagao in waylon ko. Kam nai kerna, hacking main naam peda karaingy. Ghady kahin k.
 

Latest posts

Back
Top Bottom