New Delhi: India witnessed an estimated 4,90,000 cyberattacks originating from Pakistan during the T20 World Cup match between the countries’ men’s cricket teams on 24 October.
Sectrio, the cybersecurity division of Bengaluru-based telecom analytics firm Subex, wrote a blog post the day after India lost the match to Pakistan by 10 wickets in Dubai that while it is common for cyberattacks to increase when there is a geopolitical stressor, this “is the first time that such cyberattacks have been linked to a sporting event involving teams from the sub-continent”.
The Sectrio blog said for a six-day period before 24 October, its honey pot network in India registered a “steady” number of cyberattacks — about 3 lakh a day.
Sectrio monitors cyberattacks coming into India through ‘honey pots’ placed in India, which is a “a sacrificial computer system that’s intended to attract cyberattacks” so that researchers can study how the hackers operate.
“On 24 October, however, the number of attacks rose substantially to hit the 4,90,000 mark briefly, before dipping significantly towards midnight Indian Standard Time,” the blog said.
“Most of the cyberattacks were coming directly from IP addresses belonging to a certain country to the West of India (no prizes for guessing),” it added.
ThePrint has reliably learnt that the cyberattacks from Pakistan peaked around 9 pm India time on 24 October, about halfway through the match. Sectrio has traced these attacks back to around four state-backed hacker groups in Pakistan, in addition to some independent hackers.
Sectrio adds that “a few IP addresses from South East Asia and Eastern Europe” were found to be participating in these attacks on India as well. However, these IP addresses are linked to botnets that are known to be for hire and can be purchased by anyone in any country to launch an attack on a target.
A botnet is a network of “hijacked computer devices” that can be used to carry out scams and cyberattacks.
Also read: Pakistanis get another ‘mauka’. After India’s World Cup loss, they say play ludo, not cricket
What is Sectrio?
Subex rebranded its cybersecurity division as Sectrio in September this year.
The division, looking at Internet of Things solutions, has previously published findings like India was the most cyberattacked country in the world for three months in 2019, and how hackers are using coronavirus panic to target India through WhatsApp and email.
(Edited by Shreyas Sharma)
Also read: India, Pakistan cricketers’ Twitter banter blows up, Harbhajan calls Amir ‘fixer, disgrace’