Indian hackers are responsible for the majority of ransomware attacks in Pakistan, according to a study conducted by Pakistani Cybersecurity firm, Tier3.
About 80% of the ransomware attacks discovered during the past 12 months were from India. The cyber war between Pakistan and India keeps intensifying day by day. According to a Russian security firm, Kaspersky Lab,
“At least some of the activity appears tied to the availability of educated and skilled code developers in India and within neighboring countries, like Bangladesh.”
Ransomware is derived from “Ransom Malicious Software” which locks users out of their PC or phones and ask them to pay a certain amount of money in order to get the control back, an example is Locky malware. Ransomware ecosystem is constantly evolving globally and everyone from highly skilled developers to script kiddies is, on some levels, involved in cyber extortion. A senior malware analyst at Tier 3 said,
“Some of these groups are making tens of thousands of Indian Rupees a day from their extortion campaigns. Those participating in the ecosystem appear to be doing so with impunity…. Criminals are living in an illusion of safeness. In reality, even though they use crypto currencies, they leave lots of different artifacts behind. These artifacts often help us to understand how they operate and to collect enough valuable information to help identify individual participants.”
The cyber security firms can identify them by tracing their digital footprints but the process takes time. Most of such hackers are not directly involved in the extortion process. They provide their code or “builder” to the other people or criminals in the market in exchange of money or bitcoins.
In addition to the ransomware attacks, some hackers from Pakistan and India just deface the websites of each other’s Governments such as when Pakistani hacker hijacked India’s NSG website and Indian hackers defaced the website of District Lahore etc.