'Cyber Attacks On India Continue Despite Truce,' Says Maharashtra Cyber Chief

Cyber attacks targeting India have continued even after the India–Pakistan ceasefire agreement. According to Maharashtra Cyber, these attacks primarily originate from Pakistan, Bangladesh, Indonesia, Morocco, and several Middle Eastern countries.

Yashasvi Yadav, Additional Director General of Police for Maharashtra Cyber, stated, “While the frequency of attacks has declined since the ceasefire, they have not completely stopped. Since the Pahalgam incident, 1.5 millions of cyber attacks have been recorded in India, with 150 confirmed instances of successful system breaches.”

Following the terrorist attack on tourists in Pahalgam on April 22, Maharashtra Cyber has reported that several major cyber attacks are being planned against India. Their analytics team has uncovered evidence of a coordinated campaign, code-named 'Roar of Sindoor', and shared relevant intelligence with national agencies to avoid the threat.

The report reveals that these cyber operations are not limited to technical disruption but are also part of a broader effort to create social instability through the spread of misinformation and fake narratives. This follows an earlier report titled 'Echoes of Pahalgam', which played a key role in preventing several significant cyber threats.

According to Maharashtra Cyber, the groups responsible for these attacks have been identified. They include some of the most dangerous hacker groups in the region, such as APT-36, Team Insane PK, Mysterious Team, Hoax377 and National Pakistan Allied Group. Yadav noted, “The primary targets have been India’s defense establishments, energy sector, banking infrastructure, and critical data systems. The attackers have claimed responsibility for stolen data of Mumbai Airport, Badlapur Municipal Corporation website, and a defence nursing college in Jalandhar. They have also claimed to target the Election Commission and aviation sector.”

Maharashtra Cyber has compiled a comprehensive report, which has been distributed to all relevant departments. The threat is described as part of a larger 'hybrid war'.

Yadav also warned that sleeper cells within India may be supporting these cyber and information attacks.

The attackers reportedly published their findings on the dark web. Maharashtra Cyber has urged all establishments to conduct mandatory cybersecurity audits, emphasising the seriousness of the hybrid warfare currently underway.

The most common tactic used by these attackers has been distributed denial of service (DDoS) attacks, which flood websites with fake traffic until they become inoperable. Other strategies include defacing government websites by altering content or inserting objectionable material, and attempting to gain unauthorised access to data centers.