WISH YOU A HAPPY AND SECURE YEAR 2009

Sunday, January 4, 2009

India has to gear up to face the virtual assault

ATTACK : India has to gear up to face the virtual assault

Bhuvan Bagga

January 2, 2009

http://indiatoday.digitaltoday.in/index.php?option=com_content&task=view&id=24165&sectionid=4&issueid=86&Itemid=1

New Delhi, It is not just terror on the ground that India is worried about any more. The Computer Emergency Response Team of India (CERT-In) estimates that Pakistan- based hackers have attacked Indian networks more than 100 times since the November 26 strike on Mumbai.

According to Gulshan Rai, director, CERT-In–the specialised arm of India’s Information Technology ministry – network hacks from Pakistan- based programmers have been “naïve but effective”.

Says Rai: “As soon as the dust over the November 26 attacks settled and the Pakistani role in it became clear, Pakistan- based hackers have defaced more than 100 Indian websites with anti- India messages. Other attacks include those on government networks and networks of government- affiliated agencies.” In fact, the IT ministry has its own informal list of “most wanted” Pakistan- based hackers. Cyberlord, an Internet nickname of one such has executed 70 attacks on Indian Web sites. Similarly yusufislam (58 attacks), el_ muhammed (46 attacks), iranianboysblackhat (52 attacks), mirim (35 attacks) and cracker_ child (103 attacks) lead the way for Pakistan-origin cyberspace strikes.

Experts even say that these are “the Dawoods, the Zaki-ur-Rehman Lakhvis and the Masood Azhars of the virtual world”. They are strongly anti-Indian and several of them work freelance for anti-Indian outfits in the real world.

It is not just hackers from Pakistan.

Says Rai: “In 2008, Chinabased entities broke into one State Bank of India website and took complete control. Luckily it was only a consumer information site. But also remember that almost every bank has critical financial data online and it does not take a genius to realise what would happen if a hacker — especially one that is statesupported — took over the site, and deleted or manipulated all financial records.” CERT- In recorded 401 cybersecurity- related incidents in November 2008 and a total of 291 defaced websites — primarily by agents based out of Pakistan, China, Russia, Iran and America.

On November 29, a cyber security related blog on ZD Net reported that a “virus outbreak had affected 75 percent of all systems at the largest US military base in Afghanistan. The intrusion was severe enough to necessitate the briefing of the President. We don’t know the source of the attack but signs point to state actors, with the most popular contenders either being Russia or China”.

The West woke up to the threat early, even going on to make the ahead of its time Sandra Bullock starrer Hollywood blockbuster The Net in 1995. With the kind of attacks we’ve been facing in 2008, India should strengthen its cyber security force many fold.

A senior IPS officer told Mail Today: “We don’t really have advanced cyber security systems, certainly not as strong as in the US or in the UK. We also need strong state support to thwart such attacks.”

A Delhi Special Cell Police officer said: “The US, Russia and China officially allow the use of ethical hackers to solve Internet crime and cybersecurity breaches. However, in India, a police officer can be arrested for asking for funds to hire a hacker, since hacking itself is illegal. The Indian state does not differentiate between ethical hacking and subversive hacking. Yet, the police are expected to show results.”

Cyber security experts say that they want to ask for state funding and laws structured to current reality and advancements. The Special Cell officer told Mail Today: “Our officers lack basic knowledge. It is a known fact that India- based hackers get sold to the highest bidder, and some of the best hacking minds in India work for China, the US or Russia. Today, I can send an email to any agency in a way that it would seem to have emerged from any other country.

I can break into sites and networks and steal the most strategic secrets. Alok Mukhopadhyay, an Associate at the Institute for Defense Studies and Analyses, says: “Information or rather disinformation warfare is the one for the 21st century.

The wars are now being fought over the Internet – not only through attempts of hacking, stealing and defacing, but through a smokescreen of disinformation.” It is not that cyberwars are unknown. Americans routinely target the Chinese and Russian hackers. The Chinese and the Russian state arms retaliate the same way with virus attacks, hacking and defacing.

The Special Cell officer said: “At a time when information is the key and an ever bigger proportion of it is in the cyberspace — India better buckle up fast — because if we lose this fight, the physical fight would only become even tougher.”

What they specialise in

China – Known to be keeping a very close watch on India’s Networks, specially government ones. Known for being good at putting in spywares.

Russia – Known for launching up very aggressive financial attacks. Primarily into stealing critical data, oganisation’s or military’s for financial benefits.

Pakistan – Primarily into anti-India propaganda, and Website defacing and damaging the primary information pool

Eastern Europe – Hacking into financial instruments and stealing data.

Middle East including Iran – Into Islamic propaganda, specially into anti- India doctored stories of Hindu-Muslim disunity.

Nigeria - Famous for black dollar scam.

The infamous hackers

Yusufislam – 58 websites defaced/ attack incidents in recent months

El_ muhammed – 46 websites defaced/ attack incidents in recent months

Iranianboysblackhat – 52 websites defaced/ attack incidents in recent months

Cracker_ child – 103 websites defaced/ attack incidents in recent months

Mirim – 35 websites defaced/ attack incidents in recent months

No comments:

This Day in History

Thanks for your Visit