US group hacked top research universities in India, Russia, and China, alleges Beijing cyber firm

A new report from a Beijing-based cybersecurity firm says hackers associated with the US National Security Agency (NSA) were found to have placed “covert backdoors” that may have given them access to sensitive information in dozens of nations, including India, Russia, China, and Japan.

Websites affiliated with one of India’s leading microbial research labs, the Institute of Microbial Technology (IMTech) under the Council of Scientific & Industrial Research, as well as the Indian Academy of Sciences in Bengaluru, were among the allegedly compromised sites identified in the study. Websites belonging to the Banaras Hindu University were also mentioned as having been hacked.

Pangu Lab, a Beijing-based cybersecurity firm, released a technical report explaining how it discovered the backdoors and linking them to “unique identifiers in the operating manuals of the National Security Agency” that were discovered in the 2013 NSA file leak by insiders. ‘Shadow Brokers’ is a term used to describe people who work in the shadows.

Beijing revealed US hacking group

“The ‘Shadow Brokers’ published two batches of hacking files claimed to be used by ‘The Equation Group’ in 2016 and 2017,” according to the report. “Researchers from Pangu Lab discovered the private key that may be used to remotely trigger the backdoor Bvp47. A hacker tool belonging to ‘The Equation Group’ is in these hacking files. Further investigation revealed that the ‘Shadow Brokers’ provided various methods and attack operation manuals that are exactly consistent with the lone identifier used in the NSA network attack platform operation handbook exposed by CIA analyst Snowden in the PRISM event in 2013.”

This was “a backdoor communication method that has never been seen before, signaling an organization with great technical capabilities behind it,” according to the paper, which outlined the intricacies of how the backdoor operated. “Bvp47 has allowed the world to witness its sophistication as an advanced attack tool,” it stated. “What’s startling is that after further investigation, it was discovered that it could have been active for more than ten years.”

The study named dozens of sites, many of them colleges and scientific research organizations, that had apparently been penetrated in countries ranging from India and Japan to China and Russia, including both US rivals and US allies and partners.

Rebuttal to US allegations

The Chinese media is portraying the report as a rebuttal to US allegations of Chinese cyber hacking. Cyberattacks linked to China have targeted a number of US organizations and have become a contentious subject in US-China relations. Chinese cyber attacks on a wide range of institutions, including government departments, have also been recorded by Indian agencies.

Last year, the Union Power Ministry said “state-sponsored” Chinese hacker groups had targeted various Indian power centers, but that the groups had been thwarted after government cyber agencies were alerted to their activities. This came after a study from a cyber security firm in the United States linked a significant power outage in Mumbai in 2020 to hacking assaults related to China. 
