Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Attack From Inside India Hits Pakistan Government

Posted by samzenpus on from the lets-get-ready-to-rumble dept.

judgecorp writes "Government institutions are among the targets of an attack on Pakistani bodies, which originates in India, according to reports. The campaign is using vulnerabilities in Microsoft software to install the HangOver malware, according to Norwegian security firm Norman Shark (PDF). From the article: 'In the attacks on Pakistani organizations, spear phishing emails were sent out purporting to contain information on "ongoing conflicts in the region, regional culture and religious matters," according to Norman. Norman could not provide direct attribution to the attacks, but its report did note the following: "The continued targeting of Pakistani interests and origins suggested that the attacker was of Indian origin." Snorre Fagerland, principal security researcher in the Malware Detection Team at Norman, told TechWeekEurope it appeared Pakistani government bodies had been attacked.'"

10 of 42 comments (clear)

  1. If some government were doing that... by icebike · · Score: 4, Insightful

    If India were actually behind this, why would it appear to come from India?

    If someone else were doing this, wouldn't India be the obvious choice for your final leg?

    --
    Sig Battery depleted. Reverting to safe mode.
    1. Re:If some government were doing that... by interkin3tic · · Score: 4, Insightful

      If India were actually behind this, why would it appear to come from India?

      Perhaps because the Pakistanis would blame India even if the government knew it was from someone else, so why bother. TFA also makes it sound like there's no smoking gun implicating the Indian government, so saying "These attacks came from within India!" is probably not enough to bring much international heat on India (or shouldn't anyway, the UN has shown once or twice it doesn't understand how the internet works, or at least that it doesn't care.) TFA also mentions that it's possible someone is trying to make it LOOK like an Indian security firm, while it may not actually be.

      Lastly, and perhaps most simply, it could be incompetence.

    2. Re:If some government were doing that... by slashmydots · · Score: 3, Insightful

      Actually, no IPs were from india it seems to indicate. They said it's against Pakistin, thus it's from India, end of evidence. Talk about idiotic non-journalistic bullshit.

    3. Re:If some government were doing that... by Sarten-X · · Score: 2

      If someone else were doing this, wouldn't India be the obvious choice for your final leg?

      It would be the obvious choice, but it'd be the wrong one. It would be questioned, as you have, possibly spurring a deeper investigation that reveals India was a scapegoat. If I were doing it, my final leg would be somewhere like China, who would be most likely to assist in an investigation, that reveals my next-to-last leg in the United States, starting an international political mess. Only when the madness of diplomacy settles down will they work back to the drone in India, which by that time has been thoroughly damaged so as to hide any evidence of the attack. Pakistan blames India, while China and the US are both annoyed at having to roll out their diplomatic weaponry.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    4. Re:If some government were doing that... by bragr · · Score: 3, Insightful

      It's just as likely some independent hacker who figures that it is easier to get away with hacking the "enemy". Smart russian hackers don't hack russians, smart american hackers don't hack western targets, smart chinese hackers don't hack chinese targets. Pretty good chance that this is just the same from an Indian perspective.

    5. Re:If some government were doing that... by noh8rz10 · · Score: 2

      my intuition is that pakistani hard liners did this in order to influence the election and take voters away from the moderates.

  2. sensationalist much? by Cenan · · Score: 4, Informative

    From the first article:

    Norman could not provide direct attribution to the attacks, but its report did note the following: “The continued targeting of Pakistani interests and origins suggested that the attacker was of Indian origin.”

    From the PDF:

    None of the information contained in the following report is intended to implicate any individual or entity, or suggest inappropriate activity by any individual or entity mentioned.

    Prominently displayed centered on the very first page of the report after the cover.

    --
    ... whatever ...
  3. Re:proof by icebike · · Score: 2

    The only "proof" of that it originated from India is... still searching and can't find anything in the article.

    Probably the last-hop IP in the spear phishing mail headers.

    That is the only IP address you can (somewhat) trust, because it is inserted by your own mail server.
    Is it proof?, certainly not.

    --
    Sig Battery depleted. Reverting to safe mode.
  4. More than meets the eye by benjfowler · · Score: 2

    Maybe Pakistan are just bunging on an act as a pretext to attack non-Muslims again?

    Or maybe they're telling the truth for once, but it's the Chinese hacking their fair-weather friend? The Chinese have the market cornered on immorality in general, and criminal hacking in particular, so it wouldn't surprise me.

  5. The only thing that unites Pakistan is ... by 140Mandak262Jamuna · · Score: 5, Informative
    The only thing that unites Pakistan is the hostility towards India. Basically the country is fragmented into many factions. The state of Balochistan has secessionist rumblings. The political and economic power is with the Punjabi Sunnis. But other muslims like Shia, Ahmadia, Sufis etc feel discriminated and exploited. The descendent of Indian muslims who moved to Pakistan at the time of partition are called pejoratively "mohajirs". The armed forces of Pakistan use eminent domain to allocate itself prime pieces of real estate and other things. Then it sells these properties to "officers' associations". Most of the economy is in the grip of the armed forces. Pakistan never had real control over Northwest Frontier Province. The islamic terrorists groomed by the army to be used in a proxy war with India are difficult to control, and they often turn against the local state government.

    Recently they had election and an old disgraced politician named Nawaz Shariff has formed a new government. So as usual they are thumping their chests and beat the war drums in some attempt to unify the country behind him. Hope he calls the yelping dogs off before serious permanent damage is done.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact