- Suspected Chinese group snooping on India
- Group accessed inaccessible Indian govt files
- Tapped classified networks including Indian aerospace
- Defence and telecommunications also snooped on
A suspected Chinese government-sponsored group is understood to have snooped on inaccessible government computer networks in India for over a decade, a cyber security group here claimed on Monday.
The group, termed APT30 and touted to be one of the longest-running advanced threat groups, possibly tapped classified government networks and other networks inaccessible from a standard Internet connection, cyber security provider FireEye has claimed.
Indian researchers have also discovered suspicious APT30 activity at Indian organisations, and FireEye has identified alerts from APT30 malware on the computer networks of its Indian customers, which include an Indian aerospace and defence company and an Indian telecommunications firm, it claimed.
"Such a sustained, planned development effort, coupled with the group's regional targets and mission, lead us to believe that this activity is state sponsored, most likely by the Chinese government," the cyber security group claimed.
Giving details of the group's modus operandi, FireEye claimed that APT30 deployed customised malware for use in specific campaigns targeting ASEAN members or nations with close ties or interests aligned with ASEAN states in January 2013 and April 2013, which included the ASEAN-India Commemorative Summit held here between December 12 and 20, 2012.
"We suspected that we were peering into a regionally focused cyber espionage operation. The malware revealed a decade-long operation focused on targets, government and commercial, who hold key political, economic, and military information about the region."