9 November 2025

Reinforcements for the cyber frontline

N Nagaraj

When Indian forces launched Operation Sindoor, a series of targeted strikes against terrorist infrastructure across the border, in May this year, Indian cyber networks began to flicker with unusual activity. Government servers, defence communications and even civilian systems were hit by a wave of phishing emails and malware attacks.

A recent research paper from the Indian Institute of Technology, Bombay, titled ‘Cyber warfare during Operation Sindoor: Malware campaign analysis and detection framework’, provides the first detailed reconstruction of these cyber attacks. Authored by Prakhar Paliwal, Atul Kabra and Manjesh Kumar Hanawal, the study documents how Pakistan-based ‘advanced persistent threat’ (APT) groups launched targeted cyber intrusions in parallel with the physical conflict, marking one of the most sophisticated instances of hybrid warfare in South Asia.

The masterminds

The attacks were traced to APT36, also known as Transparent Tribe, a Pakistan-based cyber espionage group that has been active since 2013. Believed to operate in alignment with Pakistani State interests, APT36 has a long history of targeting Indian military, diplomatic and government networks.

It typically relies on spear-phishing, using malicious Office documents and fake domains to lure victims into opening infected attachments.

During Operation Sindoor, the group’s tactics were similar, but marked by unprecedented precision and timing.
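To make the spear-phishing pattern described above concrete, here is a small triage script. It is an added example, not code from the article or from the IIT Bombay paper: it parses a constructed e-mail, flags a sender domain that imitates an allow-listed genuine domain (a typo-squat such as g0v.in, or a genuine name embedded in an unrelated host), and flags Office attachments, separating out the formats that can carry a VBA macro. The allow-list of genuine domains, the sample messages and the verdict thresholds are all invented for the example.

```python
import os
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

# Constructed allow-list of genuine domains (an assumption for this example,
# not taken from the article or the paper).
LEGIT_DOMAINS = ["gov.in", "nic.in"]

# Office formats commonly used as phishing lures; the MACRO subset are the
# formats that can carry a VBA project, and hence a macro-based dropper.
OFFICE_EXTS = {".doc", ".docm", ".docx", ".dot", ".dotm", ".xls", ".xlsm",
               ".xlsx", ".ppt", ".pptm", ".pptx", ".rtf"}
MACRO_EXTS = {".doc", ".docm", ".dot", ".dotm", ".xls", ".xlsm", ".ppt", ".pptm"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch typo-squats such as g0v.in vs gov.in."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_domain(domain, legit_domains=LEGIT_DOMAINS, max_distance=2):
    """Return the genuine domain that `domain` imitates, or None when the
    domain is genuine (exact match or a real subdomain) or unrelated."""
    domain = domain.lower()
    for legit in legit_domains:
        if domain == legit or domain.endswith("." + legit):
            return None
    for legit in legit_domains:
        if levenshtein(domain, legit) <= max_distance:
            return legit  # typo-squat, e.g. g0v.in
        # Genuine name used as a label inside an unrelated host,
        # e.g. gov.in.secure-mail.example; label boundaries avoid clinic.in/nic.in.
        if re.search(r"(?:^|[.-])" + re.escape(legit) + r"(?=[.-]|$)", domain):
            return legit
    return None


def attachment_names(msg):
    return [p.get_filename() for p in msg.walk() if p.get_filename()]


def assess_email(raw: bytes, legit_domains=LEGIT_DOMAINS) -> dict:
    """Parse one raw message and combine the sender-domain and attachment checks."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    spoofed = lookalike_domain(sender_domain, legit_domains)
    office = [n for n in attachment_names(msg)
              if os.path.splitext(n)[1].lower() in OFFICE_EXTS]
    macro = [n for n in office if os.path.splitext(n)[1].lower() in MACRO_EXTS]
    if spoofed and office:
        verdict = "suspicious"   # lookalike sender AND document lure
    elif spoofed or office:
        verdict = "review"
    else:
        verdict = "clean"
    return {"from_domain": sender_domain, "lookalike_of": spoofed,
            "office_attachments": office, "macro_capable": macro, "verdict": verdict}


# Constructed sample messages (not real captures).
SAMPLE_PHISH = b"""From: "Ministry Secretariat" <notice@g0v.in>
To: officer@example.org
Subject: Urgent: revised briefing note
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please review the attached briefing note and enable content to view it.

--b1
Content-Type: application/vnd.ms-word.document.macroEnabled.12; name="Briefing_Note.docm"
Content-Disposition: attachment; filename="Briefing_Note.docm"
Content-Transfer-Encoding: base64

UEsDBBQAAAAIAA==
--b1--
"""

SAMPLE_BENIGN = b"""From: Records Section <records@mod.gov.in>
To: officer@example.org
Subject: Minutes of meeting
Content-Type: text/plain; charset="utf-8"

Minutes are available on the internal portal.
"""

if __name__ == "__main__":
    for raw in (SAMPLE_PHISH, SAMPLE_BENIGN):
        print(assess_email(raw))
```

The edit-distance threshold and the allow-list are the knobs a real deployment would tune: a distance of 2 is generous for short domains and should be paired with an allow-list of your own organisation's domains rather than a generic one. The script only inspects headers and filenames; it says nothing about the document's content, so a macro-capable attachment from a lookalike domain is a reason to pull the file into a sandbox, not a verdict on its own.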