New Delhi, August 28: A cyber intelligence report submitted by digital security company Symantec stated that Indian and Pakistani security agencies have been hit by a sustaining cyber spyware since October 2016. According to the data submitted by the firm, this threat seems to be a state-sponsored attack against India and Pakistan which are involved in security issues in the South Asian region. Also Read - COVID-19: India Records Over 60,000 Cases For Fourth Straight Day; Total Tally Crosses 2.2 Million, Deaths Near 45K
As per Symantec, quoted by Reuters, the spying malicious software (hence spyware) utilise backdoor access to files and data. It is installed by the attackers using decoy documents regarding security issues in South Asia. Reportedly, these documents included reports from Reuters, Zee News and The Hindu regarding military issues and Kashmir. The spyware allows the attackers to upload and download files, identify target’s location, take screenshots and carry out process, including personal data theft. Also Read - India's COVID-19 Recoveries Cross 15-Lakh Mark; 10 States Contribute More Than 80% of New Cases, Says Health Ministry
The Reuters report claimed that although Symantec has not identified the sponsor of the spyware, but it said that government and military with interests and operations in South Asia are the possible targets. This report quoted an anonymous source saying that such an attack was earlier launched on Qatar. Also Read - 'No Doubt Buddha Was Born in Nepal': India Clarifies After Nepal Objects to Jaishankar's Remarks
Symantec in its threat intelligence report sent to clients last month talked about this threat. According to it, this attack seems to be the work of several groups, but all of them with similar goals. Hence, it has raised concern about this attack being a possible state-sponsored one.
Indian Computer Emergency Response Team (CERT-In), while talking to Reuters did not mention the July report, but asserted that prompt action was taken after a Singapore-based company alerted them about a possible cyber attack in October 2016. On the other hand, an official of Pakistan’s Federal Investigation Agency denied having received any such information of cyber attack. However, another cyber-security firm official said that an internet protocol address in Pakistan submitted the malware to a testing service.