A massive cyber attack on the computers of Indian Army officers has been thwarted. Suspected Pakistani and Chinese hackers attempted to inject data stealing malware on military systems by luring army officers by offering a foreign posting to Sri Lanka.
‘The pinpointed attacks were launched on Friday by the hackers to middle-rung Indian Army officers by sending them an email purportedly sent from a Government server and asking them to avail the offer of going for a posting to attend a prestigious course in a Sri Lankan military academy,’ Army sources told Mail Today.
The sender of the mail was nicknamed ADGMT-16. The mail was made to look as if it had been sent by Indian Army’s Directorate General of Military Training, which details officers and personnel for attending courses within and outside India along with the Military Secretary’s branch, the sources said.
Soon after, the first few officers who received the malicious mail referred it to the Army Cyber Group, which issued an immediate alert to caution the officers against opening the mail.
The Army Cyber Group in its warning, said, ‘A malicious email from *firstname.lastname@example.org* is being sent to Army personnel.
‘The email contains a malicious file ‘DEPUTATION_OF_ONE_ARM Y_OFFICER_TO_ATTEND_SRI_ LANKA. Xls’.
‘On opening the malicious file, a data stealing malware gets installed in the computer. Please do not open the email’.
Hackers often use links of dubious websites to inject malware in their victim’s system. These malware are designed to disrupt or damage or gain unauthorised access to a computer, and may steal critical information.
Incidentally, the hackers tried to attack Indian Army officers with offers of Sri Lanka posting at a time when Prime Minister Narendra Modi was in Colombo for a two-day visit.
Both the Army Cyber Group and the Computer Emergency Response Team (CERT-India) are trying to ascertain the source of the attacks.
They suspect it to be the job of Chinese and Pakistani hackers as they have been using similar tactics in the past.
Sources said the first few officers who received the mail got suspicious as soon as they received it as the Army does not offer or announce postings of officers on private mailbox and communicates only on its intranet.
In the last couple of months, this is the second massive attack on the Indian Army officers in a bid to steal classified information from their personal emails which could be used in many ways including blackmailing the victims or using the stolen data for anti-Indian activities, sources said.
In April, the Army Cyber Group had uncovered a coordinated attempt to hack into the computers of its senior officers with decoy emails that purportedly contained links of ‘their sex videos’.
At least four officers of Lieutenant General-rank posted at South Block headquarters were the target of the malicious bid.
The nationality of the hackers in the April attack has not yet been ascertained but the Army unit traced the server and the Internet Protocol address to Germany.
After a few incidents of virtual honey-trapping by Pakistani agents, the Army has been on an overdrive to educate its personnel to guard against such attacks.
One example of this is evident in calling an official Army telephone number, which plays a recorded message about the need to be careful from foreign agents who have been trying to extract information by all means. (Colombo Gazette)