India is among the most heavily targeted nations by noted cyber espionage Transparent Tribe, a new report by cyber security firm Kaspersky warns. It says that the group will possibly target Indian military and government personnel in the future for information leak.
The group has been known in the past for its advanced cyber snooping tactics. The Kaspersky report highlights that the group has been operating since 2013 and specialises in cyber espionage of critical sectors. These include government departments, as well as military and defence.
Kaspersky states that the group has a signature, advanced remote access trojan (RAT) by the name of Crimson, which it uses to snoop on top secret data. The firm has tracked this RAT since 2017.
The cyber attacks by the Transparent Tribe often originate in the form of spear phishing. Spear phishing is a tactic where emails to the target are sent from known or trusted contacts. Since the sender is trusted, the recipient is often fooled into opening the emails and interacting with it.
These emails further carry attachments that might be in the form of a Microsoft Office document. These files are the malicious attack on the system, as they have embedded macro elements containing the group¡¯s signature Crimson RAT.?
Upon downloading the file, the attached RAT enables the attackers to take over the complete file system. The system can then be exploited for any top secret information on it. Such cyber espionage attacks by the Transparent Tribe are said to be very sophisticated.
Giampaola Dedola, cyber security expert at Kaspersky, explains that the risk is not stopping anytime soon- ¡°Transparent Tribe continues to spread Crimson RAT, infecting a large number of victims in multiple countries, mainly India and Afghanistan."
With India heading towards an increasing digitisation day by day, such cyber espionage is only expected to rise simultaneously. Even for the Transparent Tribe, Dedola affirms that the group shows no signs of slowing down its intelligence snooping activities. Such cyber attacks from other notorious entities are also expected to grow with the increase in digitisation of critical documents and infrastructure.