Cyber spy group Suckfly to continue targeting Indian government: Symantec

Updated on : May 18,2016   4:32 pm

New Delhi, May 18 (IANS) Global cyber security leader Symantec on Wednesday warned of continued cyber attacks on Indian government and commercial organisations by advanced cyber espionage group Suckfly.

In a blog post publishing activities of Suckfly, Symantec said it believes that the cyber espionage group will continue to target organisations in India and other countries.

Suckfly is known to have conducted cyber attacks on several Indian government and commercial organisations over a two-year period.

"Suckfly has the resources to develop malware, purchase infrastructure, and conduct targeted attacks for years while staying off the radar of security organisations. During this time, they were able to steal digital certificates from South Korean companies and launch attacks against Indian and Saudi Arabian government organisations," said Symantec in its blog post.

"The Indian targets show a greater amount of post-infection activity than targets in the other regions. This states that these attacks were part of a planned operation against specific targets in India," the blog post read.

Symantec also identified, without naming, global targets across several industries that include one of India's largest financial organisations, a large e-commerce company, one of India's top five IT firms, a US health care provider's Indian business unit and two government organisations.

"An Indian government (organisation) is linked to departments of India's central government and is responsible for implementing network software for different ministries and departments. The high infection rate for this target is likely because of the organisation's access, technology and information that it has on other Indian government organisations," the post further read.

Suckfly's attacks on government organisations that provide information technology services to other government branches is not limited to India.

They have conducted attacks on similar organisations in Saudi Arabia, likely because of the access that those organisations have, said Symantec.

--IANS

anuj/na/dg