(published in 2008)
With the rise in attacks on information
networks, Indian intelligence agencies are preparing new strategies to counter
them, finds C Shivakumar
To fight and win all your battles is not the
acme of excellence. Supreme excellence lies in subduing your enemy without
fighting.
-- Sun Tzu
There is a new type of war being fought these
days. It does not involve troops, guns, explosions, munitions, blood or bodies.
Instead, its frontline is made up of (mostly) young men and women hunched over
computer keyboards, furiously typing out commands to disable the adversary's
information networks even before anyone formally declares war. Welcome to the
world of cyberwars.
India is caught in the midst of such a war on
its information assets. A recent Indian Computer Emergency Response Team report
says hackers breached Indian information networks more than 61 times in April 2008.
The recent attack on the Ministry of External Affairs
website, in which reports claim Chinese hackers got away with useful data,
highlighted the under-preparedness against such raids by hackers.
Institute for Defence Studies and Analyses
(IDSA) researcher Ajey Lele says there is a lack of foolproof systems and of
awareness. "The recent attacks have forced organisations to look at
the threat seriously," he says.
Sources close to the hi-tech spying agency
National Technical Research Organisation (NTRO) say that India is planning to protect
its data online by developing indigenous expertise in cryptography (the technique
of enciphering data into a form unintelligible to unauthorised persons) and
cryptanalysis (techniques for breaking secret messages).
"Separate encryption algorithms
(sequence of instructions, often used for calculation and data processing) or
methods will be used to defend our information networks. It will be developed
indigenously to safeguard our information networks," says a source close
to NTRO.
The head of the Centre for Cyber Security at
Amrita Vishwa Vidyapeetham, Dr Sethu Madhavan, says a security analysis report on
spear phishing by the Technology Information, Forecasting and Assessment
Council's Centre of Relevance and Excellence (TIFAC-CORE) found that
hackers embed malicious software (malware) inside a specially created Word
document and send it to the target network.
"When the file is opened, the malware
allows unauthorised disclosure of information and disruption of service and
gets control of the targeted workstation.
"The proof to link that the attacks
originated from China is based on the e-mail header analysis.
"Since the authorities there control their
cyberspace effectively, it can be said that these have the tacit blessings of
the authorities," Dr Madhavan says.
CERT-India director Gulshan Rai says, "Among
all the different activities being undertaken by the hackers all over the
world, China is focusing on creating malicious codes, largely for espionage and
remote controlling the information systems."
A US report says China's new high-tech
information warfare capabilities will pose strategic and operational problems for
India and the West.
Intelligence agencies claim China's People's
Liberation Army has conducted several field exercises, including one in
which 500 soldiers simulated cyberattacks on the telecommunications,
electricity, finance and television sectors of India, Japan, Taiwan and South
Korea.
The report, quoting Chinese defence experts,
claims that a Chinese task force has prepared plans to cripple the civilian
information infrastructures of India, Taiwan, the United States, Japan and
South Korea.
But IDSA researcher Ajey Lele feels the
threat from China is overblown. He says one can't just blame a single country.
"China does have a strategy like the US and most of the world is
realising the potential of information technology and using the cyberspace for
strategic manoeuvres."
He says India needs to establish a Cyber
Command integrating the three forces just like the US model.
"Currently, the army doesn't face a threat
from cyberspace as it uses an intranet as a mode of communication. But one should
not be blind to the threats."
Meanwhile, the Indian army has decided to
boost the security of its information networks right down to the level of
divisions, which are basically field formations with over 15,000 troops.
Apart from creating cyber-security organisations
down to the division-level to guard against cyber warfare and data thefts, the
army top brass has also underlined the urgent need for "periodic
cyber-security audits" by the Army Cyber Security Establishment (ACSE).
IIT Chennai and seven other academic
institutions are working with the National Technical Research Organisation on a key
project, Directed Basic Research in Smart and Secure Environment (SSE).
"The goal is to create a distributed
test bed using which new ideas in cyber defence can be developed," says
Prof Raghavan.
Talking about the SSE project, Raghavan says,
"When an active element such as a router (specialised computers that send
your messages and those of every other Internet user speeding to their
destinations along thousands of pathways) is compromised, the adversary will
attempt to reach other parts of a network through that router.
"It does take some time. Also the
attacker may try several active components connected to the compromised one,
but succeed in compromising only a few of them. This is what we call velocity
of attack – it has a direction and travel (spread) speed.
"One of the goals is to come up with
identification of compromised routers, for example, and through appropriate
means (to be evolved as a part of the SSE project) counter them," says
Raghavan.
However, it is not only India which is facing
the heat from Chinese hackers. The hacking menace has resulted in a worldwide
anti-China cyber war coalition.
Raghavan says India's joining of the
coalition will enable exchange of information that individual teams are able to
find through their networks.
"Time zones sometimes can be of great
help as one country can detect it early and help another in a separate time
zone to raise its defence," he says.
The attacks on information networks have also
raised the concerns of several international organisations and governments.
Professor James J F Forest, the Director of Terrorism Studies and Associate
Professor at the United States Military Academy, feels global networks are
facing not only threats from China but also from Russia, several countries in
Eastern Europe and the Former Soviet Union, as well as North Korea.
The Organisation for Economic Cooperation and
Development (OECD) says, "Over the last 20 years, malware has evolved from
occasional 'exploits' to a global multi-million-dollar criminal
industry ... Cyber criminals are becoming wealthier and therefore have more
financial power to create larger engines of destruction."
This has forced the International
Telecommunication Union to work on a Global Cybersecurity Agenda (GCA) which
aims to put into place an international cooperative framework to fulfill the
goals of Action Line C5 - cooperation among the governments, prevention,
detection and response to cyber-crime, says Alexander Ntoko, the Head of
Corporate Strategy Division, International Telecommunication Union.
Rai says, "The monitoring of cyberspace is to
be done at the country level and there cannot be a global watchdog. There are specialized areas and these
specialized areas are to be monitored by different agencies having the
necessary expertise in those specialized areas."
Forest says, "A global watchdog is the
stuff of Hollywood fiction. With all the open source communities and
technological advances each year, I just can't see it ever becoming a
reality."