As concern over cyber warfare has grown, China has become a favorite whipping boy in the security sphere. In fact, IP addresses from China and Chinese code have repeatedly been caught as part of corporate and state cyber espionage. India is the latest to blame Chinese hackers, this time for breaking into the sensitive naval computer systems of India’s Eastern Naval Command. The hackers planted bugs that transmitted confidential Indian Naval data to IP addresses in China. The data is suspected to be related to INS Arihant, India’s first nuclear sub, which is being put through its paces at the command.
The Indian Naval Board has declined to comment on the situation, saying that it is “premature at this stage” to comment on the level of losses incurred, but said that the source of the infection was a compromised USB drive found in a naval office. While the Navy stores sensitive data on standalone computers (not supposed to have ports) that are not connected to the Internet, the classified data was compromised through the use of pen drives, which are prohibited in the naval office. The Navy has also completed a Board of Inquiry, according to which at least six mid-level officers may be accused of procedural lapses that led to the security breach.
“An inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hackers worldwide. The virus was found hidden in the pen drives that were being used to transfer data from standalone computers to other systems”, said a Navy person familiar with the investigation.
Besides the IP addresses, another reason Indian officials are blaming China is the tension between the two nations in the area that the Naval Command governs. There is also China's track record: according to a survey recently conducted by Massachusetts-based Bit9, China is the ‘most likely actor’ in “nation states” attacks. Although the country is playing nice with the US in cyberwar drills, it has been behind numerous malware distributions and has even been accused of outright hacking in several instances.
Just last year, we saw South Korea suffer attacks from North Korea that hijacked social networks and exfiltrated usernames and passwords, with plenty of reasons to think that the hackers were warehoused in China itself. Then Chinese IP addresses were involved in an attack against the U.S. Chamber of Commerce in December 2011. China didn’t take these accusations lying down and swiped back, but then immediately came under fire from Japan over a hack against its parliament via China.