Since mid February 2016, Indian security researchers have been reporting a barrage of cyber threats that are at present, still going on, in a most rare and startling incident. It is named Operation Transparent Vibe, and poses a threat to crucial security information pertaining to the country’s well-being. Spear phishing emails have been received by top officials at Indian embassies in Saudi Arabia and Kazakhstan. Both the attacks seem to have been sent from the same IP address.
Proofpoint, India’s security establishment, has done a detailed investigation of the attack and has informed us that it is part of a much larger operation that has affected more computers owned by Indian officials except the two that were reported.
The targets of this attack are mainly personnel from the military and the method of attack is mainly spear-phishing and watering hole techniques. In some cases, the victims are infected with RATs, or Remote Access Trojans, that allow the hacker to control the user’s computer from a different location. It is an extremely advanced and relatively newly discovered cyber espionage tool and is not easy to get rid of once a device is infected.
The Trojan, once at large, can take screenshots of a person’s desktop, record audio and video from a webcam as well as steal email and the data contained in them. A team of India officials explains that this is proof that war is no longer waged on the ground or in mid-air, it can also happen on the internet.