U.S. group hacked top research institutes in India, Russia and China, says Beijing cyber firm  

Among the reportedly compromised websites were India’s Institute of Microbial Technology (IMTech), the Indian Academy of Sciences in Bengaluru, and the Banaras Hindu University

February 24, 2022 10:17 am | Updated 11:48 am IST - Hong Kong

Image for representational purpose

Image for representational purpose | Photo Credit: Getty Images/iStockphoto

A new report from a Beijing-based cybersecurity firm said hackers linked with the U.S. National Security Agency (NSA) were found to have inserted “covert backdoors” that may have given them access to sensitive information in dozens of countries, including India, Russia, China and Japan.

Among the reportedly compromised websites listed in the report were those linked to one of India’s top microbial research labs —the Institute of Microbial Technology (IMTech) under the Council of Scientific & Industrial Research — as well as the Indian Academy of Sciences in Bengaluru. Websites linked to the Banaras Hindu University were also listed as being hacked into.

The Beijing-based cybersecurity firm Pangu Lab released a technical report explaining how it had found the backdoors and linked it to “unique identifiers in the operating manuals of the NSA” that had come to light in the 2013 leak of NSA files by insiders.

‘Shadow Brokers’

“In 2016 and 2017,” the report said, “the ‘Shadow Brokers’ published two batches of hacking files claimed to be used by ‘The Equation Group’. In these hacking files, researchers from Pangu Lab found the private key that can be used to remotely trigger the backdoor Bvp47…a hacker tool belonging to ‘The Equation Group’. Through further research, the researchers found that the multiple procedures and attack operation manuals disclosed by the ‘Shadow Brokers’ are completely consistent with the only identifier used in the NSA network attack platform operation manual exposed by CIA analyst Snowden in the PRISM incident in 2013.”

The report, which explained the technicalities of how the backdoor worked, said this was “a backdoor communication technology that has never been seen before, implying an organisation with strong technical capabilities behind it.”

“As an advanced attack tool, Bvp47 has allowed the world to see its complexity,” it said. “What is shocking is that after analysis, it has been realised that it may have existed for more than 10 years.”

The report listed dozens of sites — many universities and scientific research institutes — that had reportedly been compromised in countries, including both U.S. adversaries and allies and partners, ranging from India and Japan to China and Russia.

Rebuttal to U.S. allegations

The report is being framed by the Chinese media as a rebuttal to U.S. allegations of Chinese cyber hacking. China-linked cyberattacks have targeted a number of U.S. institutions and become a thorny issue in U.S.-China relations.

 Indian agencies have also reported cyber attacks from China targeting a wide range of institutions, including government departments. The Union Power Ministry said last year that “state-sponsored” Chinese hacker groups had targeted various Indian power centres but added that the groups have been thwarted after government cyber agencies warned about their activities. This followed a report from a U.S. cyber security firm linking a major power outage in Mumbai in 2020 to hacking attacks by China-linked groups.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.