India News | Cisco Talos Warns of Cyber Attack Campaign That Targets Government Employees, Military Personnel in India

New Delhi, Sep 23 (PTI) Cisco Talos - the threat intelligence unit of Cisco - on Thursday said it has recently discovered a cyber attack campaign that targets government employees and military personnel in India.

Cisco Talos has published its findings in a blog post, outlining how 'Armor Piercer' distributes malicious documents to deliver Remote Access Trojans (RATs) and gain access to highly confidential information related to government and defence agencies.

Also Read | Leh-Ladakh Tour Package Launched By IRCTC; 7-Day Trip to Begin From Lucknow On September 26, Check Price And Package Details.

"The lures used in this campaign are predominantly around operational documents pertaining to 'Kavach', a two-factor authentication (2FA) app operated by India's National Informatics Centre (NIC) and used by government employees to access their emails," it added.

Cisco Talos said the earliest instance of this campaign was observed in December 2020, utilising malicious MS Office documents, known as maldocs, disguised as security advisories, meeting schedules, software installation guides, etc.

Also Read | Haryana CM Manohar Lal Khattar Seeks Easing of Anti-Pollution Rules in NCR During Meeting To Improve Air Quality Ahead of Winter.

It added that the campaign was found to be using multiple techniques and evolved to obfuscate itself and remain in the victim's environment, evading standard detection techniques.

The blog noted that the campaign has been ongoing since the end of 2020 and continues to operate today.

Cisco Director Security Business (India and SAARC) Vishak Raman said operation Armor Piercer is a grim reminder of the vulnerabilities still existing in the cybersecurity posture.

"To ensure end-to-end security of India's most precious assets and information, government and defence agencies must implement a layered defence strategy that enables comprehensive visibility and coverage across all endpoints, accelerates response by leveraging automation and orchestration to enrich data, and reduces massive data sets into actionable insights through AI/ML and data analytics," he added.

Essentially, security must not be bolted on, rather built into every system and process to ensure infallible protection of people and assets, he emphasised.

(The above story is verified and authored by Press Trust of India (PTI) staff. PTI, India’s premier news agency, employs more than 400 journalists and 500 stringers to cover almost every district and small town in India.. The views appearing in the above post do not reflect the opinions of LatestLY)