As DDoS and Phishing Surge Post-Pahalgam Attack, Which Other Threats Demand Attention?
India faced a massive cyber onslaught in the days following the Pahalgam terrorist attack, with over 10 million intrusion attempts reported by the Computer Emergency Response Team-Maharashtra (MH-CERT). The attacks, which began soon after the incident, were a mix of Distributed Denial of Service (DDoS) floods, website defacements, phishing campaigns, and exploit attempts targeting portals across various sectors, including public, critical infrastructure, and defence.
According to MH-CERT, the hacker groups behind the cyberattack were diverse and included Pakistan Cyber Force, Team Insane PK, Anonymous 71, and advanced persistent threat (APT) groups like APT36 and SideCopy. In their phishing campaigns, the hackers used malicious domain names that mimicked real ones, such as @gov.in and jkpolice.gov.in, to spread propaganda and gain visibility.
The most common tactic used by these groups was to target educational institutions and other small-scale websites to spread propaganda and gain visibility. They also launched DDoS attacks on government portals to disrupt service availability. Furthermore, the hackers attempted to extract personal and financial information from target databases using increasingly sophisticated intrusions.
Consequences of Cyber Attacks During Conflict
"The most common sort of attack is the DDoS attack, and you have to always watch out for it because it can cripple critical systems due to the sheer volumes they generate in terms of traffic," said Saikat Datta, co-founder of Deepstrat.
Datta emphasized that depending on the sector targeted by a hacker group, attempts to infiltrate a system's backend can have major consequences for a country. He gave the example of the banking, financial services, and insurance (BFSI) sector, which the authorities had specifically instructed to remain alert for attacks.
"If there is a hack into the core banking system of any one bank, it can have major consequences," he explained. Similarly, transport systems, particularly air traffic control and airport management systems, are critical areas that need to be on high alert during such situations, as they can cause significant havoc if compromised.
The Role of Disinformation in Cyber Attacks During Conflict
Another key concern during times of conflict is cyberattacks coupled with disinformation. Saikat Datta emphasized the importance of this issue, stating that it can create havoc or panic, particularly when the social media accounts of well-known individuals or officials are involved.
"Let's say I am on Twitter and I'm a well-known, recognized individual or official. If someone is able to compromise my social media account and put out false information, that can create havoc or panic," he explained, adding that India witnessed several such incidents during the recent conflict with Pakistan.
Conclusion
The Pahalgam terrorist attack has highlighted the importance of being vigilant against cyber threats. With over 10 million intrusion attempts reported in the days following the incident, it is clear that India needs to take a proactive approach to protect itself against such attacks. By understanding the tactics used by hacker groups and staying alert for DDoS attacks and disinformation, we can mitigate the consequences of these cyberattacks and ensure the security of our critical infrastructure.