Further to "Australia Striking Back Against COVID Exploiting Cyber Adversaries"
of April 12, 2020.
I looked at the website of India's NSA, the NTRO, https://ntro.gov.in/ntroWeb/loadPublicationsHome.do
and came upon its information security April 2020 newsletter
https://nciipc.gov.in/documents/NCIIPC_Newsletter_Apr20.pdf which, on page 3 usefully advises:
"Dear Readers,
The world is witnessing an unprecedented situation caused by COVID-19 pandemic. While its Economic, Social and Health impacts are being extensively reported, its impact on Critical Information Infrastructure is equally challenging.
A notable increase in the number of domains created using the words ‘Corona’ or ‘Covid-19’ have been detected. A vast majority of these are malicious aimed at stealing credentials. Readers who have visited such domains are advised to ‘Reset’ their passwords immediately.
Another modus operandi being used by the Threat Actors is to send out legitimate looking Corona related advisories impersonating as officials from government/health organizations, through malicious e-mail attachments.
In view of the lockdown, several critical sector entities have relaxed their geo-fencing restrictions to allow their personnel to log-in and work from home. This has increased the attack surface available to Threat Actors."
Pete Comment
China's NSA (combining MSS and PLA Third Department elements) is headquartered in northwest Beijing. China's international sigint reach now can include most satellite and soon any undersea cable links, e.g. Chinese submarines and surface vessels (increasingly using deeper diving Remotely Operated Underwater Vehicles (ROVs)) can splice fibre-optic cables making landfall in India (see below).
Cable Landing Stations in India (Map courtesy: Telegeography via Submarine Cable Networks)
---
Bigger picture of submarine cable connections, e.g. India and Australia
(Map courtesy Australia's ABC)
---
Also interception can be made between the landfall in India (or Australia, etc.) and main telephone or internet exchanges, or in a telephone or internet exchange (especially exchange worker inside jobs, for money, blackmail or false flag).
Pete