Feeds

Indian navy computers stormed by malware-ridden USBs

China suspected of cyber skulduggery

The essential guide to IT transformation

The Indian navy has been left licking its wounds after suspected Chinese hackers managed to lift classified data from maximum security, non-internet connected PCs via malware hidden on USB drives.

The Indian Eastern Naval Command – which is currently overseeing trials of the country’s first nuclear missile submarine, INS Arihant – was the target of the attacks, which were first discovered at the start of the year, according to the Indian Express.

A “person familiar with the investigation” revealed to the paper that thumb drives were found at the site. These were apparently infected with malware which, once placed in the standalone computers, covertly collected information according to certain keywords.

These documents remained hidden on a secret folder on the USB until it was connected to an internet-enabled PC again, when they were sent to certain IP addresses traced to China.

Although there is no conclusive proof that these IP addresses were the final destination of the stolen documents, China has been accused many times in the past of similar military-led cyber espionage attacks.

Just last month fears surfaced that a laptop which went missing from a Taiwanese missile boat was half-inched by a Chinese spy after the navy admitted security at the base where the boat was moored was not as tight as it should have been.

The Indian Eastern Naval Command is also charged with overseeing operations in the South China Sea, a region which is highly sensitive politically for China and one which has recently seen an escalation in tensions over its territorial claims.

The report claims six officers are awaiting strict disciplinary action after the incident, although there is no mention that any of them may have been acting maliciously.

The Indian government has finally been roused into action by the increasing threat to its national security from cyber space, recently announcing plans to create a 24-hour National Critical Information Infrastructure Protection Centre (NCIPC) to monitor threats.

More controversially, it has also been finalising plans which would authorise two agencies to carry out state-sponsored attacks if called upon. ®

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.