CloudSEK's contextual AI digital risk platform, XVigil, observed that the government's digital infrastructure is the primary target of hacktivists.

Hackers From Pakistan and Indonesia Plotting To Breach Government Digital Infrastructure During G20 Summit

As India gears up for the much-awaited G20 summit here in the capital over the weekend, researchers from domestic cyber security firm CloudSEK have uncovered a plan by several Pakistani and Indonesian hacktivist groups to launch cyber attacks on India.

CloudSEK’s contextual AI digital risk platform XVigil found that government digital infrastructure is a prime target for hacktivists.

“This orchestrated campaign, known as #OpIndia, is motivated by a complex network of political actors and many of the attacks are seen as retaliatory strikes in the ongoing hacktivist warfare between nations. The primary attack methods envisioned in this campaign are Mass Defacement and Distributed Denial of Service (DDoS) attacks, researchers note.

The ominous call to action was heard on September 7 when Team Herox, a hacktivist group, sent a message on the encrypted messaging platform Telegram.

“They sought support from other hacktivist organizations to join forces for attacks on September 9-10, which perfectly fit the timeline of the G20 summit,” the researchers said.

Hacktivist groups have previously planned cyber attacks on both public and private Indian organizations. Tactics range from DDoS attacks to hijacking of compromised accounts and security breaches.

“These hacktivists consistently exploit major political events such as the G20 summit to gain visibility, making government digital infrastructure a prime target. The coordinated efforts by Pakistani and Indonesian hacktivist groups to target India’s G20 summit with planned cyber attacks is a stark reminder of the digital threats nations face,” said Darshit Ashara, director of security research and threat intelligence at CloudSEK.

Researchers highlighted a similar view of a recent hacktivist campaign that targeted more than 1,000 Indian websites as part of the Independence Day campaign in August.

Organized by hacktivist groups from various countries, the campaign used tactics such as DDoS attacks, corruption attacks, and user account hijacking, echoing patterns previously highlighted in CloudSEK’s Hacktivist Warfare report.

The report also reveals a significant spike in hacktivist attacks in the first quarter of 2023, with India emerging as the primary focus of attacks.

“Our mission is to stay ahead of these evolving risks and empower organizations and individuals to strengthen their digital defenses,” added Ashara. CloudSEK urged organizations and authorities to remain vigilant and step up their cyber security efforts to prevent these malicious activities.