The information emerged from a Board of Inquiry established seven months ago. It is believed that around six naval officers have been indicted for their role in the incident. Little detailed information has yet been released, so it it is not known whether the officers’ role was active engagement in the hack, or more likely merely a failure to follow security procedures.
What is known is that the spyware was spread via thumb drives: the drive would infect a computer, and the computer would infect any subsequent thumb drive later used with that computer. The spyware searched files for pre-coded keywords. Whenever a file was found containing one of the keywords, a copy of the file was placed into a secret folder on the thumb drive. If the thumb drive was later connected to a computer with internet access, the files would be transmitted to an IP address in China. The extent of any loss of confidential data is still being investigated; but sensitive data is officially held only on computers without internet access, and the use of thumb drives is prohibited.
Li Wei, director of the Institute of Security and Strategic Studies with the China Institutes of Contemporary International Relations, told the Global Times that Chinese government involvement was unlikely. India’s “hacker defense ability is better than that of China. The accusation against China is not that credible.” He went on to suggest that some Indian media were playing the ‘China espionage’ card in response to public concern over China.
The naval center at Visakhapatnam is home to the INS Arihant, India’s first of three native-built nuclear submarines, and expected to be in service next year. The navy already has a Russian-built nuclear submarine, INS Chakra, which came into service earlier this year. India is believed to be constructing a secret base for these vessels.