Chinese hackers threaten India's critical infrastructure: CEO, Recorded Future

Interview/ Christopher Ahlberg, CEO, Recorded Future


Your latest reports say China intensified cyberattacks during the 2020 Galwan valley clashes.

When the clashes happened on the India-China border, cyber incursions took place simultaneously, infiltrating power dispatch centres in India.

Over the past two years, we have seen 60 intrusions in India from a series of actors from China’s ministry of state security and the PLA, targeting government, defence and telecommunications. We zeroed in on the exact locations of a Chinese cyber unit in the Xinjiang province, and after we put it up on a map and published it, there were strong denials from the Chinese government.

China has been targeting the United States, stealing not just intellectual property, but also defence technologies. But after the US-China agreement in 2015 that neither government would support or conduct theft of intellectual property and would follow appropriate norms of state behaviour in cyberspace, China shifted focus and India ended up in its crosshairs.

Are you engaging with the Indian government?

Yes. We love to collaborate with India and are looking out for the government. We have found Chinese hackers targeting media, health care, defence, telecommunication, power and other critical infrastructure. The hackers are also trying to create databases of soldiers and journalists by stealing their information as they scout for targets who can be recruited as spies. We have pre-notified Indian authorities on a number of attacks.

Is India transparent in acknowledging its cyber vulnerabilities?

The US was doing the same thing until ten years ago. It denied everything, but over a period of time, people have learnt the advantage of disclosures. The new directive by the Joe Biden administration is that any breach has to be reported within 48 hours.

India may have a similar law at some point. The best information security officer is the one who comes out and says that this is the problem and shares the incident which can then become intelligence for the rest of the world.

Does India need to build more cyber defence capabilities?

India is disproportionately strong in information technology capabilities, but less invested in security. It is possible for India to catch up since it does not have to work from scratch, but simply divert some money into security. Right now, if you look at America, the department of homeland security is very open and uses social media to talk about cyberthreats (like increasing ransomware attacks in the health care sector or the cyberattacks during the 2016 elections) and there is so much collaboration between the NSA, the FBI and those who want to work in the field. India can do the same.

Another challenge India may need to address soon is that Indian companies run a large number of IT supply chains. When there is a problem, there are a million questions worrying the clients. We are impressed by the efforts of Indian outsourcing companies and we are confident that they will plug the gaps.