 |
| It is often hard to know where hackers are based, even if IP addresses are traced to a certain country |
The Indian Navy is investigating a suspected hack attack.
A spokesman confirmed to the BBC that computers at its Eastern Naval Command had been infected with malware.
The announcement follows a report in The Indian Express saying that a virus had collected data from computers not linked to the internet and had sent it to IP addresses in China.
But security firm Sophos said it did not necessarily mean the hackers were based in China.
The Chinese Embassy in the UK did not provide comment.
The Eastern Naval Command has a security role on India's eastern borders, including protection of strategic and commercial assets.
'Covering tracks'
It is reported that the information might have been collected via infected USB drives.
The malware is then thought to have created a secret folder on the drives where it stored documents, and as soon as the drive was plugged into a computer connected to the web, it sent the files to specific IP addresses.
Although those IP addresses were reportedly traced to China, an analyst from security firm Sophos warned against reading too much into the detail.
"Even if a hack is traced back to a Chinese IP address, it doesn't necessarily mean that Chinese hackers are behind the hack," Graham Cluley, senior technology consultant, told the BBC.
"It's very hard to prove who is behind an attack because hackers can hijack computers on the other side of the world and get them to do their dirty work for them. In fact, they often do this to cover their tracks.
"Finding the 'smoking gun' evidence of who was behind a particular internet attack is, for this reason, often very hard to find."
Categories:
Cyber NEWS
