Chinese hackers most likely targeting India: Experts

NEW DELHI (AFP) - Cyber spies most probably based in China have been snooping on Indian government bodies and universities since 2012 for sensitive material on its rival neighbour, Internet security company FireEye said on Friday.

FireEye said the hackers seemed particularly interested in India's border dispute with neighbouring giant China as well as information on Tibetan activists.

"Its targets appear to be of particular interest to the Chinese government, such as Tibetan activists," a company spokesman told AFP.

"It's also well resourced and works around the clock. We found indicators in their malware that the group behind it may speak Chinese."

The hackers sent phishing e-mails with attachments containing a script called watermain which when opened allowed them to infect and access computers.

FireEye said this particular problem with India's cyber security systems has been "patched".

Experts have questioned India's cyber defences in recent years for reasons including the fact that many government officials still use Hotmail and Gmail in their official communications.

There was no immediate reaction from China, but Beijing has always denied allegations of cyber espionage.

India and China, which fought a brief but bloody war in 1962, have long been embroiled in a bitter dispute over their border, with both sides regularly accusing soldiers of crossing over into the other's territory.

Another major irritant in their ties has been the presence of Tibet's exiled leader the Dalai Lama who has made India his home since fleeing a failed uprising against Chinese rule in 1959.

India has also been wary of China's expansionist ambitions in the region including in Sri Lanka and Nepal which New Delhi considers to be in its sphere of influence.

"Collecting intelligence on India remains a key strategic goal for China-based APT (advanced persistent threat) groups," Mr Bryce Boland, FireEye's chief technology officer for the Asia Pacific, said.

The company warned April that a cyber espionage group called APT30 had been hacking governments and businesses in Southeast Asia and India for the last 10 years.