Asia has been evolving itself in context to cyber operation ranging from offensive to defensive capabilities. The latest emergence of Israeli cyber-intelligence firm NSO Group, Facebook and its messaging service subsidiary WhatsApp filed a lawsuit against the Q Cyber-Technologies testifies the same. Post the patching of Whatsapp vulnerability it has suffered back and Asian countries now have been looking for new cyber intelligence companies to meet its rising cyber operations demands.
The rise in jihadism, Indonesia is less reticent than Kuala Lumpur and, like Singapore, it has an array of Israeli firms working for it. Nir Barak‘s Magen, sold its Wifi Mabit interceptor (IOL 794) to Indonesia, while Verint has also worked for Jakarta for some time. The country’s intelligence services, led by the Badan Intelijen Negara (BIN) and the Badan Siber dan Sandi Negara (BSSN) also use the services of Wintego, the firm founded by Nhevo Kaufman that specialises in man-in-the-middle (MITM) attacks and WhatsApp interceptions.
The intelligence services in the Philippines, which also have to contend with the rise of jihadism in the country’s southern islands, also use technology from Verint and Elta Systems subsidiaries dedicated to Signals Intelligence (SIGINT). They also rely increasingly on equipment from Germany’s Plath.
Amongst all these giants, Phronesis an Indian origin company has been making it big overseas giving Indian cyber capabilities a new edge. Phronesis which has proved its offensive cyber capabilities, during much talked about Patchwork. It has been observed that the Phronesis, which executed operations like Dropping Elephant and Monsoon, have also been linked to run the Patchwork operation on several targets in the Indian subcontinent, by utilizing a pair of EPS exploits, that seem legitimate, but are known to be malicious documents, aimed at spreading BADNEWS payload (as stated in Unit42 report), which acts as a backdoor for attackers, giving them full control of the victims machine and leveraging HTTP for communication with remote servers. It is also surprising to see that changes to BADNEWS point at the groups’ initiative to keep themselves ahead of the security community.
Another important achievement was data extraction by capitalizing on Samaa.tv article that also led to escalation of tensions between India and Pakistan in context to Kashmir conflict building India as a self-sufficient cyber capable country.