G20 Meet Faces China-Pak Cyber Threat, Indonesian ‘OpIndia’ Blitz: Report

New Delhi: Various hacker groups, mainly those that have religious inclinations with support from various other hacktivist groups and countries, are likely to attack government-private websites, leaking data of government websites, stealing data, making websites unavailable, sending huge traffic packets, DDoS attacks, defacement attacks, and user account takeover, etc. during the G2o summit.

The Ministry of Home Affairs (MHA) has said that malicious threat actors are likely to target the banking sector. It has issued an advisory to all banks regarding hacker groups targeting the banking and finance sector in light of the summit in New Delhi on September 9-10.

Authorities have observed that various cyber threat actor groups have been claiming credit for Distributed Denial-of-Service  (DDoS) attacks on the banking sector. On Thursday, a DDOS strike was attempted on a major Indian bank by a foreign group, News18 reported.

“In view of the above, Banks are requested to closely monitor their IT infrastructure for such attempts as they are likely to intensify in the coming days,” MHA’s advisory said.

The groups are using various hashtags to target Indian cyberspace, such as #OPINDIA, #CYBERERRORSYSTEM, #JAMBICYBERTEAM, #GARUDASECURITY, etc.

Multiple media reports have indicated that Indian agencies are on high alert to secure cyberspace, with a particular emphasis on protecting government websites from potential cyberwarfare, including threats from China-Pakistan cyber warriors. But apparently, the G20 event is attracting more cybercriminals, including those from Indonesia, the report added.

Indonesian hacktivist groups, including Ganonsec and Jambi Cyber Team, have announced their intentions to target Indian organisations and launched a campaign named ‘OpIndia’, pledging to disrupt India’s digital infrastructure. The announcement of the cyberattack was made by the Indonesian hacktivists on their Telegram channel.

FalconFeedsio, a cyber threat intelligence platform, has reported on this escalating threat on social media site X. In a post on September 7, they shared the screenshot of the Telegram message. It reads: “We invite all Muslim hackers and hacktivists. You join our Operation India. Are you ready to join #OpIndia? Date:- 9 and 10 September 2023. “Same Date on G20 summit”. Great #Team_Herox #ACEH_ABOUT_HACKED_WORLD #GanoSec_Team. Soon….”

The screenshot shared by FalconFeedsio included a poster for this campaign and a text that stated: “ARE YOU READY TO PARTY IN INDIAN EVENT KTT G20? Note: Don’t blame us because this is the answer to your challenges who want to target Indonesia. Look this time it will be more lively than before. #OPINDIA #HacktisitIndonesia”.

The X handle on September 5 alerted the Indian Computer Emergency Response Team (CERT-In) by posting a threat alert, which included a screenshot of another Telegram message, stating: “Hacktivist Indonesia – Ganonsec – Jambi Cyber Team #OpIndia 9 September 2023 sampai waktu tidak ditentukan (which roughly translates to ‘until time is not specified’).”

CERT-In is at the forefront of India’s cybersecurity efforts for the G20 summit.