Chinese hackers are believed to be snooping on information related to the Sino-India border dispute and Tibetan exile groups in India since 2012, a US-based cyber-security firm has claimed.
The hackers were detected in April ahead of Prime Minister Narendra Modi’s visit to China in May and they are still conducting attacks, cyber-security firm FireEye said.
One advanced team has been zeroing in on organisations there to steal information related to border disputes and Tibetan exile groups, Hong Kong-based South China Morning Post quoted a FireEye statement as saying.
“Over the past four years, this threat group has (targeted) over 100 victims, approximately 70 per cent of which were in India,” it said.
In April, FireEye had reported that a separate Chinese hacking team, APT30, had been spying on governments and businesses in Southeast Asia and India uninterrupted for a decade, echoing claims made by researchers at US firm McAfee in 2011.
China had refuted it strongly such allegations in April.
“I want to stress that the Chinese government firmly bans and crackdown on all forms of hacker attacks,” Chinese Foreign Ministry spokesman, Hong Lei had said in response to the allegations by FireEye.
The new report said the APT hacker group “also targeted Tibetan activists and others in Southeast Asia, with a focus on governmental, diplomatic, scientific and educational organisations.”
China has viewed Tibetan groups in India with suspicion ever since the Dalai Lama fled China in 1959 to establish the Central Tibetan Administration, more commonly known as the Tibetan government-in-exile, in Dharamsala.
Unrest in China’s Tibetan autonomous region in the run-up to the 2008 Beijing Olympics led to a crackdown by Chinese authorities and protests by Tibetan groups in India, Europe and North America.
A spate of self-immolations in the Himalayan province in 2012 spurred another security crackdown.
Over 130 Tibetans committed self immolations in recent years, according to overseas Tibetan groups.
China has long been accused of spying on Tibetan groups in India, including the Tibet government-in-exile and the Dalai Lama, the Post report said.
In 2009, researchers at the Information Warfare Monitor, a Canadian NGO, accused Chinese hacking groups of breaking into computers at Tibetan government-in-exile organisations in London, New York and Dharamsala.
“Malware attacks against ethnic minority groups in China including Tibetans and Uygurs, and religious groups such as Falun Gong, go back to at least 2002, and possibly earlier,” according to the University of Toronto’s Citizen Lab, which monitors cybersecurity issues.
While pinpointing the culprits for any given hack attack can be very difficult, FireEye experts told the Post that, at least in terms of the latest campaign, all signs pointed to China.
They said the attackers were “well-resourced, with long-term objectives”, and conducted operations around the clock, indicating high levels of discipline and funding.
The malware used also pointed to China.
“Collecting intelligence on India remains a key strategic goal for China-based APT groups,” Bryce Boland, FireEye chief technology officer for Asia-Pacific said.
“These attacks on India and its neighbouring countries reflect growing interest in (India’s) foreign affairs,” he was quoted by the Post as saying.