Hacktivist Mayhem: India’s G20 Summit Faces Cyber Threats
In a shocking turn of events, the official websites of the Delhi Police and Mumbai Police fell prey to a cyber onslaught allegedly orchestrated by the hacktivist group known as "Team Insane PK." This incident has sent shockwaves through the cybersecurity realm, igniting concerns of potential threats emerging on the eve of the G20 summit taking place in the national capital.
On the fateful evening of September 7, 2023, both the Delhi Police and Mumbai Police websites were thrust into chaos as they became targets of a Distributed Denial of Service (DDoS) attack. This malicious assault resulted in the websites crashing and temporarily going offline, leaving visitors with a disconcerting error message proclaiming, "This service isn't available."
Adding a layer of authenticity to this cyber disturbance, Falcon Feed, a prominent Threat Intelligence platform, promptly reported that the responsibility for these attacks rested with "Team Insane PK," a hacktivist group with religious inclinations. As proof of their culpability, the group brazenly posted a screenshot of their conversation within a Telegram group.
Fortunately, the Delhi Police website managed to regain its functionality after a mere 10-minute hiatus. Nevertheless, this incident serves as a stark reminder of the prevailing concerns regarding the overall cybersecurity preparedness, especially when critical events such as the G20 Summit are on the horizon.
Team Insane PK, hailing from Pakistan, has been consistently targeting high-profile Indian government websites since the inception of the year. Their modus operandi predominantly involves deploying DDoS attacks, a tactic that inundates websites with an overwhelming volume of traffic, leading to their temporary incapacitation. Occasionally, they also resort to defacing websites to assert their presence and make a pointed statement.
This recent cyber skirmish has cast a shadow over the cybersecurity landscape, prompting authorities to reevaluate and bolster their defenses as they strive to protect vital digital infrastructure from potential threats.
Recent revelations by CloudSEK, a leading contextual AI digital risk platform, have unveiled a troubling operation known as "#OpIndia." This orchestrated campaign involves multiple hacktivist groups and is designed to launch cyberattacks on various Indian targets, with a particular focus on the government's digital infrastructure. These attacks are motivated by a complex interplay of political factors.
The primary methods anticipated in this campaign include Mass Defacement and DDoS (Distributed Denial of Service) attacks. Team Herox, a prominent hacktivist group, issued a call to action on September 7, 2023, seeking support from fellow hacktivist organizations. Their plan is to execute a series of attacks on September 9 and 10, 2023, conveniently coinciding with the G20 summit's timeline.
Escalating Hacktivist Threats
Hacktivist activities have been on the rise, with Indian organizations finding themselves under siege from a range of attacks, including DDoS onslaughts, compromised account takeovers, and data breaches. CloudSEK's research highlights a significant surge in hacktivist attacks during the first quarter of 2023, with India emerging as a primary target.
Darshit Ashara, Head of Security Research & Threat Intelligence at CloudSEK, underscores the gravity of the situation: "Cyber attacks by hacktivist groups have grown exponentially in recent times, with India now firmly in their crosshairs. These hacktivists consistently exploit major political events, such as the G20 Summit, to gain visibility, making the government's digital infrastructure a prime target."
Common Attack Strategies
CloudSEK's analysis has unveiled several common attack vectors employed by hacktivist groups. These tactics include using open-source HTTP Flooding tools and proxy services for DDoS attacks, sourcing compromised credentials from malware logs, exploiting website misconfigurations, capitalizing on weak passwords and leaked internal credentials, and leveraging vulnerabilities like SQL injection to access databases and administrator panels. Hacktivists also often mirror compromised and defaced websites on popular mirror sites to amplify their notoriety.
In addition to these strategies, reflective DDoS attacks have emerged as a significant threat. In these attacks, perpetrators manipulate user agents and referrer headers to make their attack traffic appear legitimate, effectively evading detection.
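For defenders, the header manipulation described above means a User-Agent or Referer blocklist is not enough; request rate per path and header churn per client are more useful signals. The sketch below is an added example, not code from the article or from CloudSEK, and it assumes Combined Log Format access logs, a 10-second window and illustrative thresholds; the sample log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Combined Log Format: ip - - [time] "METHOD path proto" status size "referrer" "user-agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)

def parse(lines):
    for line in lines:
        m = LINE.match(line)
        if m:  # skip malformed lines instead of failing
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield ts, m["ip"], m["path"], m["ua"], m["ref"]

def detect_flood(lines, window_s=10, path_threshold=20, ua_threshold=3):
    """Return (hot_windows, rotating_clients).
    hot_windows: {(window_start_epoch, path): count} at or above path_threshold.
    rotating_clients: IPs sending >= ua_threshold distinct User-Agents in one window."""
    per_path = defaultdict(int)
    uas = defaultdict(set)
    for ts, ip, path, ua, _ref in parse(lines):
        bucket = int(ts.timestamp()) // window_s * window_s
        per_path[(bucket, path)] += 1
        uas[(bucket, ip)].add(ua)
    hot = {k: n for k, n in per_path.items() if n >= path_threshold}
    rotating = sorted({ip for (_, ip), s in uas.items() if len(s) >= ua_threshold})
    return hot, rotating

# Constructed sample: 5 clients hit /login 6 times each inside one 10 s window, rotating
# User-Agent and Referer on every request; one ordinary visitor browses normally.
UAS = ["Mozilla/5.0 (Windows NT 10.0)", "Mozilla/5.0 (X11; Linux x86_64)",
       "Mozilla/5.0 (Macintosh)"]
SAMPLE = [
    f'203.0.113.{i} - - [01/Jan/2024:18:00:0{s} +0530] "GET /login HTTP/1.1" 200 512 '
    f'"https://search.example/?q={s}" "{UAS[(i + s) % 3]}"'
    for i in range(1, 6) for s in range(6)
] + [
    f'198.51.100.7 - - [01/Jan/2024:18:00:0{s} +0530] "GET /page{s} HTTP/1.1" 200 900 '
    f'"-" "{UAS[0]}"' for s in range(3)
]

if __name__ == "__main__":
    print(detect_flood(SAMPLE))
```

Thresholds like these need tuning against a site's normal traffic, since shared NAT or corporate proxies can legitimately show several User-Agents behind one address.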
A Call for Vigilance
CloudSEK passionately urges organizations and authorities to remain vigilant and bolster their cybersecurity measures to counter malicious activities. In an increasingly interconnected world, collective efforts are paramount in safeguarding against cyber threats. CloudSEK is committed to providing support in this endeavor.
As India gears up to host the G20 Summit, the nation's ability to secure its digital infrastructure has become a matter of paramount importance, given the growing menace posed by hacktivist groups. Vigilance, preparedness, and a coordinated response are the keys to ensuring the safety of India's digital landscape in the face of #OpIndia and similar campaigns.
Source: https://www.the420.in/cyber-chaos-hits-delhi-mumbai-police-websites-g20-eve/