Increase in Cyber-Attacks on India Linked to Pakistan Officers Trained by Italian Security Firm Elettronica Group

New Delhi: People carrying out the Pak-sponsored attacks were trained by an Italian security firm that has also tied up with Indian defence PSUs.

In November last year, a Singapore-based cyber security firm revealed that state-sponsored cyber-attacks against India increased by 278% between 2021 and September 2023, with services companies, including information technology (IT) and business process outsourcing (BPO) firms, seeing the highest share of attacks. More significantly, during this period, targeted cyber-attacks on government agencies went up by 460%, while start-ups and small and medium enterprises (SMEs) saw a whopping increase of 508%.

Now it has emerged that people carrying out these state-sponsored attacks (read Pakistan-sponsored attacks) were trained by an Italian security firm that has also tied up with Indian defence public sector undertakings.

Confidential communication documents between an Italian cyber security firm and the Pakistan Directorate Naval Intelligence, Pakistan Naval HQ, Islamabad, pertaining to the period of December 2022 and January 2023 and shared with The Sunday Guardian, have revealed that Pakistani Navy officers of the rank of colonel, lieutenant colonel and major underwent a 13-week advanced training course on Malware Development for IOS, Android, Apple Operating system and Windows in Rome, Italy.

As per one of the letters that was sent in December 2022 by the Chief Representative Officer, Pakistan and Central Asia of the Italy-based Elettronica Group to Commander Muhammad Nadeem Ilyas, Directorate Naval Intelligence (Tech), Islamabad, the company representative confirmed the training module program for these Pakistan officers. This letter was sent in response to a letter sent by Commander Ilyas on 7 December 2022 seeking details on “Training Course on the Malware Developments for IOS, Android and Windows” for Pakistani military officers.

The letter by the representative of the Italian company to Commander Ilyas, among other things, has stated that: “The syllabus is divided into 2 modules that make up the training in its entirety and, for each module, an in‐depth study is carried out regarding the topics covered and the relative duration. The course is aimed at building in‐depth training on Cyber Advanced technical topics, it will be provided by the company CY4Gate and carried out in the specialised laboratories of the aforementioned company. CY4Gate is the company of the ELT group specialised in Cyber Security issues and is able to make available to the customer not only highly qualified training personnel, but also dedicated areas for the specific course’s execution, both for theoretical sessions and for practical ones with specific instruments that the customer can utilise in the company’s laboratories.”

A further six-page internal document provided to The Sunday Guardian reveals the details of the syllabus that the naval officers were taught in Rome by Elettronica and CY4Gate. They were taught, among other things, how to bypass anti-virus and security software installed on the victim’s computer. The course module specifically mentions that they will be taught how to bypass popular antivirus software such as Kaspersky, Avast, Bitdefender, Quick Heal, Windows Defender and ESET NOD32.

They were further taught bypass techniques that can be used to inject disruptive payloads inside a system protected with the specified security countermeasures. They were given six hours of training each day over 13 weeks, from January to March 2023, at the CY4Gate training laboratory located at Via Coponia, Rome.

Those who took the training included one colonel, two lieutenant colonels and seven majors. All of them were provided single-room accommodation at the hotel Adagio situated on Via Damiano Chiesa, Rome, which is just 10 minutes’ walking distance from the Vatican. The room rent at this hotel is 25,000 Pakistani rupees per day.

What is likely to raise serious concern in the North Block and South Block is the fact that Elettronica and CY4Gate are working in India too. They were incorporated in India on 12 November 2008 and operate from an office in Hauz Khas.

In February 2019, state-owned Bharat Electronics Limited (BEL) and Elettronica signed a Memorandum of Understanding (MoU) for new generation electronic warfare surveillance systems. The MoU allowed BEL and ELT Group to jointly develop, manufacture and supply new surveillance systems for the Ministry of Defence.

As per the company brochure, Elettronica has been at the forefront of the Electronic Warfare sector for almost 70 years, supplying over 3,000 high-tech systems to the armed forces and governments of 30 countries. The Elettronica systems are designed for a variety of key operational missions, from strategic surveillance, self-protection, Sigint, electronic defence and operational support for air, naval and land applications. The company boasts a strong list of successful national and international collaborations on all major modern military platforms like the Tornado fighter, the Eurofighter Typhoon, the NFH-90 helicopter, the Italian PPA platform, the Italian and French ships Horizon and FREMM, and a wide range of projects in various countries worldwide.

What should also worry other global democratic setups is the fact that the Pakistani defence establishment was spending so much on training its men in disruptive cyber methods, indicating that this method of warfare was going to increase exponentially in the coming days.

The military hacking, similar to what North Korea has been accused of indulging in, is likely to be used to harm institutions in India, Israel, the United States, the Netherlands and Sweden. Apart from strategic and military gains, these hacking attempts have also brought financial gains for the perpetrators, something that the Pakistani defence establishment is very much in need of. Similarly, these skill sets are likely being used to harm political parties and individuals operating in Pakistan who are seen as anti-establishment.

It is pertinent to mention that during the G20 Summit last year, the government’s official website for the event faced a relentless onslaught of cyber-attacks, with an average of 16 lakh attacks every minute, or 26,000 attacks per second. The Sunday Guardian’s email to the media team of Elettronica seeking their response on these developments went unanswered.