Photographer: Simon Dawson/Bloomberg

China-Based Hackers Target Indian Diplomatic Files, FireEye Says

Hackers based in China are believed to be targeting India and its neighbors to obtain information on border disputes and diplomatic intelligence, according to cyber security company FireEye Inc.

An advanced campaign over the past four years has targeted more than 100 people, 70 percent of whom are in India, according to a statement from the Milpitas, California-based company. Earlier this year it identified a decade-long cyber espionage operation against businesses and governments in Southeast Asia.

“These attacks on India and its neighbouring countries reflect growing interest in its foreign affairs,” Bryce Boland, FireEye’s chief technology officer for Asia Pacific, said in the statement. The company said the attacks on India and its neighbors are now “commonplace.”

Cyber attacks in India have grown in recent years. The National Crime Records Bureau reported a 70 percent increase in cyber-crime cases in 2014, though the most common was the publication of information deemed to be “grossly offensive.”

China and India, which fought a war in 1962, vie for global energy resources. A spy ring traced back to China accessed documents on India’s military missile programs, security assessments of states bordering China, and files from Indian embassies, the Information Warfare Monitor, a research group associated with the University of Toronto, said in 2010.

FireEye said the hackers sent so-called spear phishing e-mails with Microsoft Word attachments appearing to relate to regional issues. Those messages contained a script which would create a “backdoor” in infected machines, allowing access to programs without detection by security measures.

The hackers were also active in April, about a month ahead of Indian Prime Minister Narendra Modi’s visit to China, FireEye said. They also targeted Tibetan activists and others in Southeast Asia, in particular government, diplomatic, scientific and educational organizations, the company said.

Before it's here, it's on the Bloomberg Terminal. LEARN MORE