Feeds

Indian navy computers stormed by malware-ridden USBs

China suspected of cyber skulduggery

Using blade systems to cut costs and sharpen efficiencies

The Indian navy has been left licking its wounds after suspected Chinese hackers managed to lift classified data from maximum security, non-internet connected PCs via malware hidden on USB drives.

The Indian Eastern Naval Command – which is currently overseeing trials of the country’s first nuclear missile submarine, INS Arihant – was the target of the attacks, which were first discovered at the start of the year, according to the Indian Express.

A “person familiar with the investigation” revealed to the paper that thumb drives were found at the site. These were apparently infected with malware which, once placed in the standalone computers, covertly collected information according to certain keywords.

These documents remained hidden on a secret folder on the USB until it was connected to an internet-enabled PC again, when they were sent to certain IP addresses traced to China.

Although there is no conclusive proof that these IP addresses were the final destination of the stolen documents, China has been accused many times in the past of similar military-led cyber espionage attacks.

Just last month fears surfaced that a laptop which went missing from a Taiwanese missile boat was half-inched by a Chinese spy after the navy admitted security at the base where the boat was moored was not as tight as it should have been.

The Indian Eastern Naval Command is also charged with overseeing operations in the South China Sea, a region which is highly sensitive politically for China and one which has recently seen an escalation in tensions over its territorial claims.

The report claims six officers are awaiting strict disciplinary action after the incident, although there is no mention that any of them may have been acting maliciously.

The Indian government has finally been roused into action by the increasing threat to its national security from cyber space, recently announcing plans to create a 24-hour National Critical Information Infrastructure Protection Centre (NCIPC) to monitor threats.

More controversially, it has also been finalising plans which would authorise two agencies to carry out state-sponsored attacks if called upon. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.