By Dr Shujaat Ali Quadri
Around 2,000 Indian websites were hacked in June-July 2022 alone. This is one of the most serious cyber attacks on India in the recent past.
Following this, Amit Wadhwa, DCP of Ahmedabad's Cyber Police, wrote a letter to the Indonesian and Malaysian governments as well as to Interpol. In this letter, two cyber groups 'Dragonforce Malaysia' and 'Hacktivist Indonesia' were held responsible for hacking 2000 websites of India, while handling electronic gadgets sitting in Indonesia and Malaysia.
Both these groups also appealed to the rest of the hacker groups of the world to hack the websites operating from India. These groups also put the personal information of suspended Bharatiya Janata Party leader Nupur Sharma on the website. Apart from the Andhra Pradesh Police, the personal information of many leaders of India was also made common. This was the first open case of hatred towards India and cyber attacks from these two Muslim-majority countries of the Far East. Obviously, this development occurred after that irresponsible statement of Nupur Sharma and Muslim groups from Indonesia and Malaysia carried out these cyber attacks in retaliation.
In an article in June, a well-known website called Threat Post said that Radware, through a new advisory, pointed out that a hacktivist group called Dragonforce Malaysia, with the help of several other groups, was indiscriminately scanning, defining and denialising several websites in India. It was also said to have launched off-service attacks. It called its campaign "OpsPatuk". Advanced threat actors were involved in these attacks. The group's intention was to breach the network and leak sensitive data.
Dragons Force Malaysia is an anonymous hacktivist group. It is associated with political goals. Their social media channels and website forums are open. Thousands of people follow and watch it. In the past, this Malaysian group has launched attacks against organisations and government entities in the Middle East and Asia. Its favourite target has been Israel and it has carried out several serious attacks on Tel Aviv and Israeli organisations.
Like Anonymous and Low Orbit Ion Cannon, Dragonforce weapons its own open source DoS tools -- Slowloris, DDoSTool, DDoS-Ripper, Hammer, and more -- in choreographed, engaging website defences. Experts say that this group is not sophisticated, but seeing its attacks, it seems that it would be foolish to consider it a childish and amateurish group. Dragonforce Malaysia and its allies have proved their ability to adapt and evolve with the threat landscape over the past year. Radware fears that Dragonforce Malaysia will continue to launch new reactionary campaigns based on its social, political and religious affiliations in the near future. Accordingly, new attacks by Dragon Force Malaysia on India can be feared.
The International Institute for Counter Terrorism (ICT) released the report titled 'Islamic State's Support to Hacktivists in Southeast Asia'. It said that hacktivism activities have increased in Southeast Asia, including website defacement, distributed denial-of-service (DDoS) attacks and information leaks. One group using this tactic is the United Cyber Caliphate (UCC), which operates with the support of the Islamic State (IS) terror group.
IS has increased cyber activity in Southeast Asia because of loss of its core territory in Iraq and Syria because of its physical expansion into the region. Presence of poverty, unemployment and salafi ideology in Southeast Asia has led to IS finding supporters in this region. This is enough to incite bigotry among the youth of this area.
The report says that cyber development in Southeast Asia has been rapid but cyber security is weak. Taking advantage of this, any knowledgeable person can use this area for cyber attacks. With the increasing societal reliance on connection techniques and the presence of a group of hacktivists, these elements will pose a real threat for years to come.
The Ansar Khilafat Army, an IS-backed hacktivist group, is part of the UCC Collective. The group was first run from closed Telegram groups in June 2018. In this it declared itself to be one of the working groups within the UCC Collective. Language analysis revealed that the origin of this group is Indonesian.
Considering all the facts, it is known that the Far East has now become a new ground for cyber attacks against India. Statements like that of Nupur Sharma also help such groups to rationalise their activities and influence vulnerable youths. The growing hatred for India in the Far East, the rise of new cyber hacktivists, and support for Islamic State make up a worrisome combination. This is a new front where India will have to wage a new war.
(The author is a known expert of Cyber Security and Information Warfare and holds a PhD in Artificial Intelligence)