India and Pakistan’s never-ending cyber warfare continues to haunt Asia
India and Pakistan are considered among the top 17 “high cyber troop capacity” countries. “Cyber troop activity” includes social media manipulation by governments and political parties, and the various private companies and other organizations whose work is to spread disinformation.
There is an ongoing cyber war, with Pakistan-based hacker groups targeting India’s critical infrastructure and government servers, and vice versa. Each of these states has its own set of cyber espionage tools, which hold critical information from the national security and intelligence organizations of other states.
On July 18, the Pakistani hacking group “Transparent Tribe” (also known as APT36 and Mythic Leopard) targeted Indian educational institutes. According to reporting by Cisco Talos and K7, Transparent Tribe has been circulating an MS Word document created in the name of a leading technology institute in India.
In August 2021, Pakistan-origin malware called ‘ReverseRat 2.0’ targeted Indian government officials through a forged invitation to a United Nations meeting on organized crime, sent with a Microsoft Teams link.
From India’s perspective, retaliating against Pakistan in the cyber domain becomes necessary. Recently, pro-Indian hackers such as “Confucius” (Patchwork, Dropping Elephant), which belongs to Phronesis, have hacked about 15,000 such files, in which information was given by top Pakistani defense officers.
The group operates anonymously, in the name of working staff of the Pakistani government, and sends targeted spear-phishing e-mails. Once the recipients open or download the attached documents, Trojan horse programs are installed on the machine, stealing all the data.
Since October 2021, the suspected Indian APT group “Sidewinder” has heavily targeted Pakistani and Chinese organizations using malicious documents that contain remote template injection. When such a document is opened, it retrieves a remote template from an actor-controlled server. The downloaded external template is an RTF file that exploits the CVE-2017-11882 (Equation Editor) vulnerability.
More critically, both countries have also engaged in running propaganda machinery against each other, including fake profiles, cyber trolls, etc. Pakistan’s troll army ran campaigns on alleged human rights violations by Indian security forces in the Kashmir Valley, the plight of ordinary Kashmiris, scaremongering about the possibility of an India-Pakistan nuclear war, etc. This propaganda aimed at making posts go viral and popularising trending Twitter hashtags.
Recently, India banned 20 YouTube channels operated by the ‘Naya Pakistan Group’. This group used Pakistani news anchors and artists to promote fake stories on YouTube. According to Indian intelligence sources, the group is being funded by Pakistani agencies in a bid to create a rift within communities and target the youth in India.
Last year, EU DisinfoLab exposed the India-based Srivastava Group as being engaged in a large-scale disinformation campaign to influence the European Union on the contested issue of Jammu and Kashmir. The investigation shows that networks were active in Brussels and Geneva in amplifying content intended mainly to damage Pakistan.
Even the Indian wire service company Asian News International (ANI) has created 265 anti-Pakistan websites spreading false information across 65 countries since 2005.
Since independence, both countries have been involved in cyber and information warfare over the past few decades, and we cannot predict when this war will end. Relations between India and Pakistan are mostly contradictory because both sides are always trying to achieve strategic goals through cyber warfare and to degrade each other’s image in front of the public.
The actors mentioned in this article are major cyber players in Asia that have both offensive and defensive cyberwarfare capabilities, and they remain key players in the cyber domain.