Hackers targeted over 1,000 Indian websites as part of their Independence Day campaign under the hashtag OpIndia, cyber-security researchers revealed on Friday. The malicious campaign, orchestrated by hacktivist groups from various countries, utilized tactics such as DDoS attacks, defacement attacks, and user account takeovers, according to the CloudSEK team.
The hacktivist campaign on Independence Day, driven by political and religious motives, focused on vulnerable websites with lower security measures and digital infrastructure across sectors including government, education, BFSI (banking, financial services, and insurance), and small businesses.
Government and BFSI sectors bore the brunt of DDoS attacks, whereas education and small businesses suffered bulk defacement attacks and access panel takeovers, the report noted.
“Despite their current limitations, these groups could become a significant threat to countries in the near future. The rise in collaboration and easy access to attack tools and data, combined with potential support from state-sponsored hackers, might amplify their impact,” said Abhinav Pandey, cyber threat researcher, CloudSEK
The cyber-security firm said it informed all the organizations and companies targeted by hacktivists.
While hacktivist groups from Pakistan, Bangladesh, and other nations directed their efforts toward Indian websites, CloudSEK’s research indicates that the claims of DDoS attacks and user account takeovers have been exaggerated for attention and fame.
“These claims, often made in their communication channels, have not been fully verified by CloudSEK researchers. However, the tactics and tools used by the hacktivist groups closely align with the findings presented in CloudSEK’s Hacktivism Whitepaper,” the company said.
Responding to attacks on Indian infrastructure, Indian factions employed similar strategies, targeting websites associated with Bangladesh’s air force, military, army, and national revenue board, as well as a range of Pakistani ministries and government entities.
The cyber-security agency also revealed a significant spike in hacktivist attacks during the first quarter of 2023 with India emerging as the primary focus of attacks, closely followed by Israel, Poland, Australia, and Pakistan.