After the discovery of systems infected with an unknown family of malware at India’s Eastern Naval Command, the country has quickly pinned the blame on China. India’s accusal is based on the fact that data harvested from the infected systems was copied to a server with a IP address in China.
In addition to the IP address, China was also blamed due to tensions between the nations in the area that the Naval Command governs. Moreover, India hinted at the fact that the attackers might be looking for information about INS Arihant, India’s first nuclear sub, which is being put through the paces at the command.
Insiders who spoke to Indian Express said that there was confidential information taken during the lifespan of the infection, and there is a strong possibility that the source of the infection was a compromised USB drive found in a naval office.
Advising caution, Sophos’ Graham Cluley told the BBC, “Even if a hack is traced back to a Chinese IP address, it doesn't necessarily mean that Chinese hackers are behind the hack.”
“It's very hard to prove who is behind an attack because hackers can hijack computers on the other side of the world and get them to do their dirty work for them. In fact, they often do this to cover their tracks.”