Indian government organisations under threat from cyber-spy group
Mumbai: An advanced cyber-espionage group responsible for conducting attacks on a number of South Korean organisations has again come to spotlight after it was revealed that the Indian government organisations were its primary targets.
The group, dubbed Suckfly, had conducted several operations targeted at several countries since April 2014 but a Symantec investigation revealed that most of the primary targets were individuals and organisations from India.
A blog published on Symantec’s website indicated that the ‘these attacks were part of a planned operation against specific targets in India’.
Government organisations affected
While the Suckly campaign attacked several organisations across industries in 2015, most of the identified attacks were on well-known commercial, and especially government organisations in the country.
The blog said: ''Suckfly spent more time attacking the government networks compared to all but one of the commercial targets.''
For instance, one of the government organisations attacked are responsible for for implementing network software for different ministries and departments within India's central government.
Symantec said that the 'high infection rate for this target is likely because of its access to technology and information related to other Indian government organizations'. The blog also said that similar attacks were carried out in Saudi Arabia as well.
In addition, Suckfly also targeted one of India's largest E-commerce firms, one of India’s largest financial organisations, and an IT firm that assists India’s largest stock exchange.
"All of these targets are large corporations that play a major role in India’s economy. By targeting all of these organizations together, Suckfly could have had a much larger impact on India and its economy. While we don't know the motivations behind the attacks, the targeted commercial organizations, along with the targeted government organizations, may point in this direction", the blog explained.
The blog further pointed out that the cyber-spy group has the resources to develop malware, purchase infrastructure, and conduct targeted attacks for years while staying off the radar of security organizations.
"We believe that Suckfly will continue to target organizations in India and similar organizations in other countries in order to provide economic insight to the organization behind Suckfly's operations," it concluded.