The report's findings show that the modus operandi of the group was to send high-profile government targets emails that contained malicious payloads designed to capture sensitive information. We missed this earlier: Researchers at Seqrite, the cybersecurity arm of Quick Heal technologies, claim that they have found sophisticated phishing attempts targeting Indian critical infrastructure PSUs across sectors of finance, power, and telecom by a Pakistan-linked group. Further, in a report published by the firm on July 9, it said that the attacks were targeted to get access to sensitive information "including screenshots, keystrokes, & files from the affected system". MediaNama has reached out to the Indian Computer Emergency Response Team (CERT-In) to confirm the alleged attempts after a Seqrite spokesperson said that following the discovery, its researchers had alerted CERT-In and NCIIPC and that they were working with government authorities to protect possible targets. We will update this report when we receive a response. Why does this matter: In 2019, the Chennai-based Kudankulam nuclear plant was affected by a cyber attack. Following this, investigations were carried out by the Computer & Information Security Advisory Group (CISAG) of the Department of Atomic Energy (DAE) along with CERT-In. While, in recent Parliamentary responses, the government has denied that there have been successful cyberattacks on power grids, it revealed that a total number of 454 (2018), 472 (2019), 280 (2020), and 138 (2021, up to June) phishing incidents were observed by CERT-In. However, in its responses, the government has acknowledged that there have been multiple…
