Advertisement
India has become a major source of cybersecurity threats in China: security expert
- A security expert has said while many think the US poses the biggest cybersecurity threat to China, a lot of attacks come from South Asia
- One India-based group of hackers, known as ‘Bitter’, has used various methods to target government, military and nuclear sectors
Reading Time:3 minutes
Why you can trust SCMP
25
Zhang Tongin Beijing
A series of cyberattacks originating from India have been highlighted in recent reports by Chinese cybersecurity firms, with the attacks targeting China and Pakistan, among others.
Advertisement
So far, the foreign ministries of China and India have not issued any responses.
One cyberattack on the Chinese military, which was intercepted by a cybersecurity organisation in China in December, was believed to be orchestrated by a group of hackers from India. The attack bore striking similarities to previous ones in terms of targets and methodologies, suggesting the involvement of the same group.
This group, identified as an advanced persistent threat (APT) and active since at least November 2013, was first discovered and named “Bitter” by American security firm Forcepoint and “Manlinghua” by Chinese company Qihoo 360 in 2016.
Over that time, the increasing exposure of Bitter’s activities has shed light on its political motives, as it primarily targets Pakistan and China, and focuses on government agencies, military and nuclear sectors.
Cybersecurity analysts suspect the group’s origins trace back to India, potentially with state support, based on IP address locations and linguistic patterns observed in the attacks. Moreover, Bitter is believed to be connected with several other groups that are suspected to be Indian, including Patchwork, SideWinder and Donot, among others.
Advertisement