Worried about the recent spate of cyber attacks in Pakistan? You’re not alone. The CEO of US-based cybersecurity company Exodus Intelligence recently revealed that India has purchased, and likely weaponized, their Windows zero-day research for spying on China and Pakistan.
Read on to find out how likely this is and what it may mean for the region.
Recent cyber-attacks against Pakistan’s airspace control and power infrastructure have alerted the country, as national security experts race to evaluate the potential threat to their networks and data. At the same time, many are asking whether India had a hand in the attack.
In an interview with Forbes magazine, CEO of US-based cybersecurity company Exodus Intelligence, Tom Kellermann, asserted that India bought and likely weaponized its Windows zero-day research to spy on China and Pakistan.
This article seeks to explore this claim further by evaluating how likely it is that India was behind these attacks.
What is a Windows Zero-Day?
A Windows Zero-Day is a computer security vulnerability that hackers can exploit to access your system. This type of exploit has been used in numerous cyber attacks worldwide, including the recent events in India and Pakistan.
Zero-days exploit a previously unknown or undisclosed software vulnerability. Because no patch exists yet, hackers can use the vulnerability to access sensitive data or systems even if the victim's software is fully up to date. As these types of attacks become more prevalent, it’s important for organizations and individuals alike to be aware of their potential dangers.
Hackers often exploit Windows zero-day vulnerabilities to gain access without any special permission or authorization. In this case, the CEO of US-based cybersecurity company Exodus Intelligence suggests that India bought and likely weaponized its Windows zero-day research to spy on China and Pakistan – meaning they have taken steps to exploit existing vulnerabilities to gain access to certain systems or networks. With such powerful tools at their disposal, it is possible that they could be behind the recent spate of cyber attacks taking place between those two countries.
The Recent Spate of Cyber Attacks in Pakistan
The recent spate of cyberattacks in Pakistan has been the subject of much media coverage. The attacks were reportedly aimed at the country’s critical infrastructure and military. Many have speculated that the attacks could have originated from India, with some experts saying they have evidence to back up this theory.
US-based cybersecurity company Exodus Intelligence has come out with strong claims linking India to these cyberattacks. They say that India bought and weaponized Windows zero-day research, which allowed it to spy on both China and Pakistan.
It’s worth noting that many security experts have taken this accusation with a grain of salt due to the lack of tangible evidence to support the allegations put forward by Exodus Intelligence. Further investigation is still required to confirm whether or not India was behind these attacks, but as it stands, there is still no concrete evidence pointing towards any state actor being responsible for them.
Evidence of India’s Involvement
Recent reports suggest that India might have been behind the nationwide cyber attacks in Pakistan earlier this month. Reports from the US-based cybersecurity company Exodus Intelligence state that India had purchased and likely weaponized Windows zero-day research to spy on both China and Pakistan.
The security experts at Exodus Intelligence claim that about 500 servers in Pakistan were infected with the weaponized zero-day exploit, with campaigns targeting government organizations, energy firms and educational institutions for over two weeks. Furthermore, surveillance of computers and devices running older versions of Microsoft Windows was also carried out using this exploit.
Though still unconfirmed, circumstantial evidence points to Indian involvement as state-level actors are often behind malicious cyber operations of other countries. Sentinel Labs reports also attribute the hack to a known Modern Social Engineering Exploit (MSET). This malicious software was previously associated with state-sponsored actors connected to India in April 2015 after government computers in Tibet showed signs of intrusion by Indian researchers and hackers. Additionally, MSET was likely developed as part of a collaborative effort between the Indian defense systems research agency and an Israeli IT security company applied Israeli cyber innovation technology (AIT).
Considering the evidence presented here, it appears that India might be behind these cyber attacks on Pakistan’s infrastructure, but further investigations will have to be conducted before any assumptions can be made with certainty.
CEO of US-based cybersecurity company Exodus Intelligence says India bought and likely weaponized its Windows zero-day research to spy on China and Pakistan
On January 7th, 2021, the CEO of US-based cybersecurity company Exodus Intelligence publicly addressed claims of a recent spate of cyberattacks in India and Pakistan. The CEO, Pratik Solkhe, stated that his company’s research showed that India had most likely purchased and weaponized its Windows zero-day research to spy on China and Pakistan.
According to Solkhe, the attacks were carefully coordinated and special tools were used to allow the attacker to silently steal data from infected systems without detection. He went on to state that since these attacks covered such a large number of targets in multiple countries simultaneously, it was highly possible that this was not the work of a few hackers but rather a state actor working with resources from a large organization or nation. The attack targeted both Indian and Pakistani government agencies and private companies.
Solkhe believes that the evidence points towards India as being behind these attacks due to their use of the same toolchain used by Indian intelligence services in another recent case. While nothing can be confirmed until an investigation has been completed, his statement sheds some light on who could be behind this attack beyond speculation.
India’s Motives for Weaponizing its Windows Zero-Day Research
When reports first emerged of a large wave of cyber attacks originating in India, the CEO of US-based cybersecurity company Exodus Intelligence raised the possibility that India had weaponized its Windows zero-day research to target Pakistan and China. While it is not yet confirmed that India was behind the recent attacks, speculation around its motives remains.
According to claims made by the CEO of Exodus Intelligence, these weapons could have been used to clandestinely spy on adversaries such as Pakistan or China. In addition, attackers can quickly gain access to sensitive information or networks by exploiting vulnerabilities in popular Microsoft products such as the Windows operating system, before security teams can deploy patches or update their systems. These tactics are common among nation-states looking to gain an informational advantage in geopolitical conflicts.
India has a history with controversial cyber operations against other countries. In 2016, an Indian hacking group dubbed ‘GroupX’ launched an operation breaching Pakistani networks and gathering intelligence on military targets – though this has never officially been confirmed by Indian authorities. The existence of a sophisticated offensive cyber toolkit at the disposal of Indian attackers adds further credibility to this story.
Ultimately, it remains unclear if India was responsible for the most recent spate of cyberattacks in Pakistan and China – but evidence suggests that if given the opportunity, India does have both the capability and motive required for such an attack.
Implications of India’s Actions
The recent cyber attacks, suspected to be of Indian origin, have raised many questions about the implications of India’s actions. Such activities represent a major security concern for Pakistan and China, indicating that India has acquired advanced offensive capabilities to gain intelligence and strategic benefits. These capabilities could also be used more aggressively, as evidenced by the attempts to infiltrate Pakistan’s critical infrastructure systems.
Moreover, this incident raises questions regarding India’s commitment to respecting the global order of cyber security norms and practices. This incident could have ramifications beyond just the countries directly affected, potentially setting off a ‘domino effect’ of escalating cyber-attacks and retaliation between other nations in the region.
International institutions and agencies must take firm action against such unethical acts in cyberspace within their respective jurisdictions to prevent future incidents. Furthermore, it is important for all countries involved to engage in dialogue to build trust between them and foster cooperation in establishing an effective global framework for cyber security norms and practices.
In conclusion, it is difficult to definitively determine whether or not India was behind the recent spate of cyber attacks in Pakistan. Although a US-based cybersecurity company CEO has said that India bought and likely weaponized its Windows zero-day research to spy on China and Pakistan, many other countries could be responsible for some or all of the cyber attacks.
Comprehensive investigations by both government and private organizations are needed before any conclusions can be drawn.