Chinese Army could conduct a massive cyberattack: Indian security agencies says
One day after Indian agency, tasked with cybersecurity, Cert-In issued an advisory regarding a possible cyber-attack in the country, the Indian security agencies have also issued an alert on a possible cyberattack from the Chinese Army.
The alert claims that the Chinese cyber warriors are expected to carry a massive phishing attack. It is possible that this attack will be disguised as an offer for the free Covid-19 test.
Beware of emails promising free Covid-19 tests in Indian metros as it could be a “potential cyber offensive attack from the Chinese Army”, security agencies have warned its personnel.
The warning was issued after CERT-in issued an advisory that “malicious actors are planning a large-scale phishing attack campaign against Indian individuals and businesses (small, medium and large enterprises)”.
The security agencies alert came against the backdrop of tensions at the India-China border after a “violent face-off” left 20 Indian soldiers killed.
In the alert, the agencies said the phishing attack from the Chinese cyber warriors a “malicious group” claiming to have two million individuals’ email addresses could be in the guise of a free Covid-19 test.
“Watch out for IDs like [email protected]”. Beware of malicious phishing e-mails/ SMS/messages on social media inciting you to provide personal and financial information,” it said.
A phishing campaign is expected to impersonate government agencies, departments and trade associations who have been tasked to oversee the disbursement of the government financial aid and could use a spoofed email with “free Covid-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad” in the subject line, it said.
“It is seen that a well-educated/aware person is likely to be less prone in falling prey to such kind of cyberattacks,” the alert said adding security personnel should be educated about the possible cyber-attack.
The alert also advised personnel not to open or click on the attachment in an unsolicited e-mail, SMS or messages through social media, exercise extra caution in opening attachments, even if the sender appears to be known and beware of e-mail addresses, spelling errors in emails, websites and unfamiliar email senders.
One should not submit personal or financial details on unfamiliar or unknown websites or links, check the integrity of URLs before providing login credentials or clicking a link, and consider using safe browsing tools, filtering tools (antivirus and content-based filtering) in antivirus, firewall, and filtering services. Update spam filters with the latest spam mail contents.
The users should also try to encrypt sensitive documents to avoid potential leakage, the alert said.
By Sanjida Jannat
