Cyber Crime
300% Surge in Cyber Attack – Here Is How Hacktivist Groups Are Targeting India’s General Election
– Cyber-attacks spike ahead of India’s 2024 election, with hacktivist groups targeting voter data.
– Resecurity identifies 16 groups exploiting geopolitical tensions to disrupt electoral integrity.
New Delhi – As India prepares for its general election from April 19 to June 1, 2024, US based cybersecurity firm Resecurity has identified a significant surge in cyber-attacks targeting the electoral process. These attacks, orchestrated by various independent hacktivist groups, aim to disrupt the election and compromise the personal identifiable information (PII) of Indian citizens. The election, which will determine all 543 members of the Lok Sabha, faces unprecedented cyber threats amid a tense geopolitical climate.
A Spike in Cyber Activity Linked to #OpIndia and #OpIsrael Campaigns
The increase in cyber-attacks traces back to the #OpIndia campaign, launched last year, which saw a dramatic rise—nearly 300%—following the initiation of #OpIsrael. This coincided with heightened online protests related to the Israel-Gaza crisis. With a population of over 1.4 billion people and a GDP exceeding $3.4 trillion, India has become a prime target for foreign threat actors and nation-state groups.
ALSO READ: Join the Movement: Future Crime Research Foundation Launches State Chapters to Build a Cyber-Safe India
CLICK THIS LINK TO BECOME DOMAIN LEAD
Resecurity’s latest report emphasizes the importance of securing elections from cyber threats to preserve the global democratic order, especially given the current geopolitical volatility in the Middle East and Eastern Europe. The report highlights similar patterns of cyber-attacks observed in elections across 17 other countries, underscoring the need for vigilance and robust cybersecurity measures.
ALSO READ: After Revolt in Cambodian Scam Compounds, MHA and MEA Swing into Action: Here’s How They’re Fighting Back
Key Threat Groups and Their Activities
Resecurity has identified 16 hacktivist groups as the primary perpetrators behind the attacks on India’s election infrastructure. These groups include:
- Anon Black Flag | Indonesia
- Anonymous Bangladesh
- Morocco Black Cyber Army
- Toxcar Cyber Team
- Islamic Cyber Team
- Lulzsec Indonesia
- TEAM CYBER MAFIA
- ANON TEN BD
- Ketapang Grey Hat Team
- ANON SEC BD
- Team Ahadun Ahad (2.0)
- Bangladesh Dark Net
- Nixon Cyber Team
- Cyber Sheild Force BD
- UnitedSec-313
- Sylhet Gang
These groups have targeted various sectors, including law enforcement, government, healthcare, financial, educational, and private organizations in India, exploiting geopolitical narratives to sow discord and confusion.
Leaked Voter ID Cards and PII
A significant concern raised by Resecurity is the leaking of Voter ID cards on the Dark Web. These identity documents, issued by the Election Commission of India, have been compromised, potentially from third-party entities involved in Know-Your-Customer (KYC) processes. Resecurity has alerted law enforcement and federal authorities to these breaches, providing samples of the leaked data.
The primary objective of these leaks is to undermine public confidence in the election system by suggesting vulnerabilities that do not necessarily exist. Instead, these leaks are often the result of identity theft from compromised systems used for lending, insurance, and other services requiring KYC documentation.
ALSO READ: Personal and Covid Vaccination Data of 820,000 Dominicans Leaked Online: Resecurity
Public Opinion Manipulation and Influence Campaigns
In addition to data breaches, Resecurity has observed several campaigns aimed at manipulating public opinion and creating distrust in the government. These campaigns often target high-profile leaders, including the Prime Minister, and seek to incite social conflict between different population groups in India.
By combining data leaks, website defacements, and politically charged narratives, these groups aim to blur the lines of attribution and operate under the guise of independent hacktivists. Their coordinated efforts suggest external influences, possibly nation-state actors seeking to destabilize India.
READ THE FULL REPORT HERE: Cybercriminals Are Targeting Elections In India With Influence Campaigns
Geopolitical Exploitation and “False Flags”
Recent geopolitical developments, such as the shift in Maldives’ foreign policy under President Mohamed Muizzu, have also been exploited by cyber threat actors. Pro-India cyber groups have launched attacks on key Maldivian institutions, potentially as a false flag operation to amplify tensions between India and Maldives.
This activity highlights the broader strategy of cyber-influence operations aimed at affecting foreign policy and creating geopolitical instability. Resecurity emphasizes the need for diplomatic channels and thorough investigation to mitigate such risks and promote cyber peace.
Risk Mitigation and Public Awareness
To counter these threats, Resecurity advises strict adherence to data protection regulations and robust security measures to safeguard digital identity data. Increasing cybersecurity awareness among Indian citizens is crucial to prevent the spread of disinformation and maintain trust in the electoral process.
Key Recommendations for Indian Citizens:
- Stay Informed: Keep updated with reliable sources of information and be wary of disinformation campaigns.
- Secure Personal Data: Protect your personal information by following best cybersecurity practices.
- Report Suspicious Activity: If you encounter suspicious online activity or data leaks, report it to the relevant authorities immediately.
- Verify Sources: Always verify the credibility of the information before reacting or sharing it.
As India approaches its general election, the surge in cyber-attacks underscores the importance of cybersecurity in protecting democratic processes. Resecurity’s findings serve as a crucial reminder of the need for vigilance and proactive measures to counteract the efforts of malicious actors aiming to disrupt the electoral system and undermine public trust.
For more updates and detailed insights, stay tuned as we continue to monitor the situation closely.