
Pakistan-sponsored hackers targeting GoI, defence, aerospace sectors, attacks up 40% from last year

Over the last year, attacks on India’s defense sector increased by 39 percent. In May 2024, the Pakistan-based advanced persistent threat group Transparent Tribe (APT36) was discovered to have targeted the Indian government, defense, and aerospace sectors.

Two months before this attack, unidentified threat actors breached multiple government entities in India, including agencies responsible for electronic communications, IT governance, and national defense. This was similar to the attack on the Indian Air Force in January of this year.

Indian government and defense organizations are increasingly becoming vulnerable to cyberattacks. While the government and defense sectors have taken numerous measures to curb attacks, threats persist. This can be attributed to spearphishing, inertia in continuous threat monitoring, and a reactive approach to cybersecurity.

Security breaches in defense sectors can have debilitating impacts on national security, as they could lead to compromises of command and control, weapons, detection, and defense systems. Securing these capabilities is crucial to India’s national interest and the protection of the country’s cyberspace.

OT security for defense organizations
Operational technology plays a significant role in many aspects of the defense sector — be it military organizations or the state-backed defense manufacturing sector. Strengthening the cyber defenses of these systems is non-negotiable. OT controls and monitors devices, such as robots and support equipment, which assist the defense wings in continuously operating equipment and devices.

Unlike traditional IT systems, OT is directly involved in the monitoring and direct control of physical processes and systems, improving efficiency and enhancing the safety of defense systems. For military installations, OT plays a crucial role in automating and enhancing operations in domains such as energy management, logistics support, infrastructure, and weapon systems. Therefore, the underlying security of these systems is paramount.

The Indian defense sector uses its proprietary technologies to minimize the risk of exposure. However, this also means that integrating preventive security solutions can be challenging. An ideal solution would be using a platform that seamlessly integrates with existing technologies. This integration must ensure a comprehensive security posture—one that addresses the vulnerabilities of OT environments without hampering efficiency or reliable performance.

This industry needs a preventive security framework that offers comprehensive asset discovery, continuous monitoring and detection of threats, in-depth network traffic analysis for early detection, support for effective incident response, forensic analysis for swift action, and in-depth investigation of security incidents. Such tools can provide comprehensive reporting to support compliance with relevant regulations and standards, providing clear visibility into security posture and compliance status.

Identifying the most common attack vectors
Spearphishing was used to gain initial access in the cyberattack against the Indian Air Force in January of this year. Phishing and spearphishing emerged as the root causes of the most serious breaches in India, according to IBM, costing organizations USD 2.28 million.

Clicking on malware designed to deceive users, either inside an email or on a malicious website, is a common and successful method of attack. However, this method is best mitigated with a robust cybersecurity awareness program. Security training is invaluable in educating users on best practices, especially identifying phishing emails, avoiding malicious browser plugins and extensions, and keeping applications up-to-date. An educated user base reduces the likelihood of this type of attack being successful.

Another common attack path is unpatched applications. Unpatched external-facing assets like email clients and web browsers may contain vulnerabilities that expose a user’s device to several attacks. Malicious or poorly coded extensions may enable attackers to gain unauthorized access to sensitive information or even inject malicious code.

Defense organizations in India should practice safe email and web browsing habits, keep software up-to-date, and utilize anti-virus and anti-phishing software. A preventive approach would involve using AI-powered technologies that minimize the attack surface associated with web browsers and email systems. Periodic scanning is no longer an acceptable defense tactic, given the nature and proliferation of cyber threats.

Point-in-time scanning leads to uncertainty and gaps. Indian defense organizations need robust preventive security solutions that help identify blindspots and understand risk relationships between users and critical assets. Such an approach protects high-security systems from cyber intrusions and maintains smooth functioning and the safety and integrity of high-security areas, which are crucial to India’s national security.
