New York: The cyber-spying case against the Indian government is gathering steam and could leave New Delhi red-faced.
A group of Indian hackers called “The Lords of Dharmaraja,” who earlier alleged that the Indian government is strong-arming cell phone makers to provide backdoor access for digital surveillance on their devices, said it has more proof that Indian agencies had infiltrated sensitive US government networks.
Infosec Island’s Anthony M Freed reported that one of “The Lords of Dharmaraja” hackers, who calls himself “YamaTough,” gave him 68 sets of usernames and passwords for US government network accounts. “YamaTough” told Freed the account data is just a sample of the information the hacker group, the “Lords of Dharmaraja,” copied from Indian government servers.
Reuters reported that US authorities are already investigating allegations that an Indian military intelligence unit hacked into emails of the US-China Economic and Security Review Commission (USCC), which monitors economic and security relations between the US and China. The US probe was ordered after “The Lords of Dharmaraja” posted an Indian military intelligence document on cyber-spying.
The hacked memo suggests that, “in exchange for Indian market presence,” mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as “RINOA”), have agreed to provide backdoor access on their devices. The Indian government then “utilized backdoors provided by RINOA” to intercept internal emails of the US-China Economic and Security Review Commission.
Apple spokeswoman Trudy Muller said her company had not provided the Indian government with backdoor access to its products.
“Fox News” reported on Thursday that “YamaTough” has now provided potentially damaging evidence that the Indian government is actively engaged in spying that targets not only the USCC, but thousands of US government networks, ranging from federal agencies to computer systems used by state entities.
“Infosec Island received what was described as merely a “sample” of what the group “The Lords of Dharmaraja” claim to have in their possession. The data included 68 sets of usernames and passwords for compromised US government network accounts which were said to have been acquired by hacking multiple servers belonging to India’s Ministry of External Affairs (mea.gov.in) and the National Informatics Centre (nic.in), amongst others,” Freed wrote.
“In the best interest of the federal, state and local municipalities and their constituents, Infosec Island will not publish the compromised account data. We have provided the information to the proper authorities and are fully cooperating with law enforcement,” he added.
There has been a series of cyber intrusions that have struck US institutions ranging from the Pentagon to Google. Many of the previous hacks have been blamed on China. If the US investigation finds India has engaged in cyber espionage, it could prove terribly embarrassing for New Delhi.
“You can see the difference between these unfolding events and previous claims of cyber espionage. The exfiltration of terabytes of data on the US Joint Strike Fighter or last March’s theft of “24,000 documents” has never been proved,” said Forbes.
“Thanks to a hacker group in India, Infosec Island has source material that demonstrates widespread cyber espionage on the part of the Indian Government which the hackers may publish. This is a historically significant development for those of us who track cyber espionage,” added the US magazine.
As for the hacker group’s motivations, “YamaTough” told Infosec Island that “The Lords of Dharmaraja” sought to undermine the current Indian regime in favor of a more solidly “pro-American” alternative. The hackers also have their knives out for telecom mogul Sunil Bharti Mittal, chief of Bharti Enterprises.
“Our goal is Bharti Mittal go off the political arena and stop manipulating our government,” said “YamaTough.”
“My team is pro-US, we fight for rights in our country we are not intentionally harm US companies (sometimes we do hack into (them) since our botnet is worldwide) but we do not steal credit cards and make money of it and we do not do banks, etc. Our mission — exposure of the corruption,” the hacker added.