Chinese Cyber Troops Targeted Indian Telcos, Gov’t Agencies in Last 6 Months, US Research Firm Says

A suspected cyber unit of China’s People Liberation Army (PLA) has been targeting Indian telecom companies, government agencies and defence contractors over the last six months amid border tensions between the neighbouring nations, a US-based research firm called Recorded Future said in a report on Friday. The main aim behind these cyber attacks is suspected to have been obtaining data regarding India's military technology and defence.

“Recorded Future’s Insikt Group identified the suspected Chinese state-sponsored group we track as ‘RedFoxtrot’ targeting multiple Indian organisations throughout 2020 and 2021. Within India specifically, we identified the group successfully targeting two telecommunications organisations, three defence contractors, and several additional government and private sector organisations in the past six months,” the report said.

According to the findings of Recorded Future’s study, the web-threat group “RedFoxtrot” is linked to PLA unit 69,010, headquartered in the city of Urumqi in Xinjiang – an autonomous region in northwest China associated with alleged human rights violations targeting the nation's Uighur minority.

In a different blog post, the Massachusetts-headquartered research firm noted that its findings are backed by the analysis of the kind of malware used by the attackers, their domain registration records and network traffic patterns.

The report suggests that by targeting India’s telecom companies, the names of which remain undisclosed, the PLA’s "cyber soldiers" intended to gather a load of India’s communication data as well as track and monitor individual targets in India based on their location-oriented network circles.

This is not the first time however, that cyber risks to India have emerged from China.

In March 2021, India’s Computer Emergency Response Team (Cert-IN) claimed to have found China-linked cyber actors conducting an espionage campaign against the Indian transportation sector. Controlled by the Ministry of Electronics and Information Technology (MeitY), CERT-IN is a nodal agency that deals with cyber security threats like hacking and phishing while strengthening the security-related defence of the Indian Internet domain.

Last year, a Singapore-based research firm, Cyfirma, said in one of its reports that after 18 June 2020, the intensity of China's "cyber warfare" against India increased by 300%.

The Indian authorities are aware that internet threats are picking up pace globally with the deeper penetration of high speed internet around the world.

In March this year, Prime Minister Narendra Modi as well as former Congress chief Rahul Gandhi highlighted the need for India to prepare itself for “borderless wars” – referring to cyberwarfare.

The Indian PM had also said that with warfare going cyber, the Indian military must transform into a “future force”.

Talking to Sputnik, senior tech expert Kunal Kislay described how he has alerted the otherwise tech-savvy government of PM Modi to the problem, so it can invest money in educating Indians about the danger of cyber attacks and the repercussions they could have.