Much recently, Bharat Sanchar Nigam Limited (BSNL), along with defence and aerospace contractors, were attacked by suspected Chinese sponsored hackers. According to a Money Control report, the information on allegation comes from Recorded Future, a company that provides intelligence for enterprise security.
Inskit Group, Recorded Future’s threat research division, further said that RedFoxtrot, a China-backed hacker group, has aimed at several non-governmental and governmental companies in South Asia and Central Asia for cyber hackings.
BSNL, Bengaluru Based Defence Technology Company and More Attacked
A Bengaluru based manufacturer and India’s defence technology developer, Alpha Design Technologies, along with BSNL, was attacked by the China sponsored hacking group. One of the major details shared by Inskit was the links found between People’s Liberation Army (PLA) Unit 69010, RedFoxtrot, and Strategic Support Force (SSF), China’s military intelligence backbone.
The cyberattack by the Chinese sponsored group was targeted at several sectors, including telecom, defence, aerospace, mining and research organisations, government, and more. The attacks were made in countries including Pakistan, India, Kazakistan, Afghanistan, Tajikistan, Kyrgyzstan, and Uzbekistan.
For the unaware, the RedFoxtrot group has been active since 2014 now. Post the border tensions between India and China; the Indian Defence Contractors have been under heavy attacks by the Chinese sponsored hacking group.
As per Recorded Future, RedEcho, a Chinese group, had attacked 10 Indian power sector assets, which included the Power System Operation Corporation Ltd, NTPC, Indian Railways, and more. But the thing is, RedEcho’s attack was focused on only energy sectors, and it was like a prepositioning for making future attacks.
But the RedFoxtrot attack isn’t just focused on one country and also isn’t focused on one sector. The report from Recorded Future suggests that RedFoxtrot maintains a significant amount of operational infrastructure. Further, the group had employed publicly available and bespoke malware that is commonly used by Chinese cyber attacking groups.
This is a grave issue for the protection and security of Indian data and the government’s secrets. The RedFoxtrot attack can be assumed to be one of the many upcoming attacks from the group that won’t stop and limit its focus to just one sector. Thus this is high time that government invests in upgrading its security infrastructure and help the private companies do that as well.