The Times of India has accused Chinese hackers, allegedly backed by the Chinese government, of systematically attacking Indian online assets over the past 18 months. The goal of these assaults, at least according to the paper, is to map and discover weak points within India's IT infrastructure. Such information could give China an advantage in any potential conflict, and the article implies that India has been slow to develop a retalitory system in the event of a Chinese attack.
The degree to which the Chinese government is actually involved in these attacks is still an open question, The Times' rhetoric notwithstanding. A continuing series of sophisticated and methodical assaults is no longer proof of another nation's malevolent intent, even if such attacks appear to be originating in the country in question. The same market forces responsible for the commercialization of the malware industry across the globe promote sophisticated attack vectors and a methodical approach to security probes. So the hackers behind the intrusion attempts that Indian IT workers are detecting are essentially cyber-casing the country's digital joint, and while they may be working for the Chinese government they could also just be out to make a buck.
The problem with accusing other countries of attacking one's own cybersecurity systems is that, at least to date, such accusations haven't proven particularly accurate. As we covered in January, a series of cyber attacks that the Estonian government initially blamed on the Russian government actually turned out to be the work of a disgruntled student hacker. The incident did no permanent damage to Russian-Estonian relations, but it did cause a temporary diplomatic cooling between the two countries over a set of allegations that the Russians vehemently—and apparently truthfully—denied.
