Indian cyber attacks against China, Pakistan on 'rise'

Recent investigations by Chinese cybersecurity firms have highlighted a series of cyberattacks from India to countries such as China and Pakistan, The Federal reported

A group of Indian hackers were allegedly responsible for a cyberattack against the Chinese military in December that was intercepted by China.

According to the report, there were clear parallels between the attack and previous ones in terms of targets and methods, indicating that the same organisation may have been involved.

Known as an advanced persistent threat (APT), the firm has reportedly been operating since at least November 2013, before Narendra Modi became India's prime minister.

Upon its initial identification in 2016, it was named "Manlinghua" by the Chinese company Qihoo 360, and the American security firm Forcepoint named it "Bitter."

Since then, as Bitter's operations have come to light more and more, it's been discovered that the group's activities are centred around China and Pakistan.

The firm reportedly focuses on the military, nuclear sectors and government entities and uses two primary attack strategies: spearfishing and watering hole attacks.

Cybersecurity analysts suspect the group's origins trace back to India, potentially with state support based on IP address locations and linguistic patterns observed in the attacks.

Moreover, Bitter is believed to be connected with several other groups that are suspected to be Indian, including Patchwork, SideWinder and Donot, among others.

The report stated that "contrary to the popular belief that China’s cyber threats mainly come from the United States, professionals in the field point out that a significant number of attacks originate from South Asian countries."