Hackers have breached information systems belonging to the Indian Navy, stealing sensitive data and shipping it to computers with Chinese IP addresses, according to a report in India’s Sunday Express newspaper.
Systems at India’s Eastern Naval Command, which runs the country’s naval operations in the South China Sea, were found to be infected with malware in February this year. The malware collected and transmitted confidential files and documents to Chinese IP addresses, the Express claims.
Citing "sources", the Express reports that the malware was found hidden in USB drives that were being used to transfer data from standalone computers to other systems.
The Indian Navy only stores sensitive data on computers that are not connected to the Internet, and those computers are not supposed to have ports or access points for USB drives.
The malware collected files and documents containing predetermined keywords and saved them to a hidden folder on the USB stick, the report says. Those files were sent to Chinese IP addresses as soon as the stick was plugged into a computer with an internet connection.
In a statement, the Indian Navy said: "An inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hackers worldwide."
"At least six" officers have been indicted for "procedural lapses that led to the security breach" the Express reports.
This is not the first time that China has been implicated in security attacks on the Indian government. In 2010, a report from the University of Toronto alleged that Chinese hackers had accessed Indian military systems, an allegation the Chinese government denied.
Soon after, India banned the import of Chinese telecommunications equipment on security grounds.