India's weak cybersecurity measures have probably made it a victim of hacking. A group of hackers is allegedly trying to infiltrate the servers of Indian government bodies and academic institutions.
US network security company FireEye (NASDAQ:FEYE) said the sophisticated hacking group has attacked India, other South and Southeast Asian countries, as well as Tibetan activists outside China, over the past four years. The group, suspected to be from China, is particularly interested in India's diplomatic matters and its border disputes with neighbouring countries.
The advanced persistent threat (APT) group sent targeted spear phishing emails containing Microsoft Word attachments to its intended victims, according to FireEye. The Word documents contained a script called 'Watermain', which creates backdoors on infected machines if the attachment is opened. The hackers used a vulnerability in Microsoft (NASDAQ:MSFT) software that has been known for three years, according to FireEye.
The firm added that the group's attacks were also detected in April 2015, about one month before Indian Prime Minister Narendra Modi's first visit to China.
FireEye has observed Watermain's activity since 2011, targeting more than 100 victims over the past four years. About 70% of the victims are from India, according to the cybersecurity firm, while the hackers also targeted Tibetan activists and others in Southeast Asia, with a focus on governmental, diplomatic, scientific and educational organisations.
"Collecting intelligence on India remains a key strategic goal for China-based APT groups, and these attacks on India and its neighbouring countries reflect growing interest in its foreign affairs," said Bryce Boland, FireEye chief technology officer for Asia Pacific.
"Organizations should redouble their cyber security efforts and ensure they can prevent, detect and respond to attacks in order to protect themselves."
FireEye added that APT attacks on organisations in India and neighbouring countries have now become common. In April, FireEye revealed the details of APT30, a decade-long cyber espionage campaign by suspected China-based cybercriminals that compromised an aerospace and defence company in India among others.
Cyberespionage has become a major reason for the worsening relationship between countries in recent times. The US earlier accused China of stealing its corporate and government information via state-sponsored hackers. Meanwhile, China also blamed the US for spying on a global scale, pointing to revelations made by former National Security Agency contractor Edward Snowden.