File named 'BJP won't dump Modi for Nitish' used to plant malware in Indian systems.
A report prepared by cyber security major Kaspersky on Chinese attempts to hack into sensitive systems, including those of India, seems to show that Chinese hackers follow Indian politics keenly. One of the Microsoft Word files used by the Chinese hackers to plant malicious software on Indian systems was a report on the BJP’s support for Gujarat chief minister Narendra Modi in the event of a challenge to his primacy in the party.
At a time when the internecine conflict between LK Advani and Modi was playing out, Kaspersky reported that a malicious file named ‘BJP won’t dump Modi for Nitish’ was sent out targeting Indian systems last year. Anyone who opened this file ended up infecting his/her system and helping the Chinese hackers secretly upload information on to their servers back home. This file, containing 1,013 words, was sent out in April last year with the intention of specifically targeting Indian systems.
In fact, the Kaspersky report also confirmed the major leak that had taken place earlier this year, when Indian intelligence agencies found several DRDO systems were compromised. A file named ‘Indian Army Cyber Policy’ containing malicious software was let loose on Indian systems, leading to several files marked as ‘Top Secret’ being uploaded on to China-based servers. This was first reported in dna on March 13 this year (http://dnai.in/bich).
Kaspersky confirmed that these files were infected with a specific malicious software called “TheNettraveler”, also known as “TravelNet”, that led to infection of several files. While the DRDO had denied these reports then, Kaspersky has confirmed that this malware was created to hack into Indian systems. Defence minister AK Antony ordered a comprehensive inquiry into the leak after dna reported the incident.
The report also points out that as they tracked the path of the Chinese malware, they were led to several mirror sites which, ironically, were also offering tips on net security and privacy. In reality, these were mirage sites that were also masking a more elaborate intelligence operation to gather sensitive information. In fact, Indian intelligence agencies had found the server in Guangdong, China, from which they recovered several sensitive files, including Cabinet Committee on Security files of the government of India.