China mounts cyber attacks on Indian sites

by kaizadbhamgara | May 4, 2008 at 05:35 pm | 560 views | 4 comments

In perhaps what could be detrimental to Indo-China Peace talks, the growing number of Internet related threats through the forms of BOT attacks, key logging software and Mapping networks.
Although there seems to be progress made on issues of trade and commerce recently, the presence of China's armed forces on India's LOC (Line Of Control) and India's LAC (Line of Actual Control), this is rapidly turning into a cold war of sorts. It has long been rumoured that China has provided Pakistan with armaments and weapons systems, in order to counter Russia's presence in India's arms and defense stocks. How far will this cyber threat go to derail peace talks between India and China remain to be seen, however one thing is for certain, unless India takes adequate steps to protect itself from external and internal cyber threats, the world famous IT Giant could be facing a grim situation.

NEWDELHI: China’s cyber warfare army is marching on, and India is sufferingsilently. Over the past one and a half years, officials said, China has mountedalmost daily attacks on Indian computer networks, both government and private,showing its intent andcapability.

The sustainedassault almost coincides with the history of the present political disquietbetween the two countries.

According to senior governmentofficials, these attacks are not isolated incidents of something so generic orbasic as "hacking" — they are far more sophisticated and complete —and there is a method behind themadness.

Publicly, seniorgovernment officials, when questioned, take refuge under the argument that"hacking" is a routine activity and happens from many areas around the world.But privately, they acknowledge that the cyber warfare threat from China is morereal than from othercountries.

The core of theassault is that the Chinese are constantly scanning and mapping India’sofficial networks. This gives them a very good idea of not only the content butalso of how to disable the networks or distract them during a conflict.

This, officials say, isChina’s way of gaining "an asymmetrical advantage" over a potentialadversary.

The big attacks thatwere sourced to China over the last few months included an attack on NIC(National Infomatics Centre), which was aimed at the National Security Council,and on the MEA.

Othergovernment networks, said sources, are routinely targeted though theyhaven’t been disabled. A quiet effort is under way to set up defencemechanisms, but cyber warfare is yet to become a big component of India’ssecurity doctrine. Dedicated teams of officials — all underpaid, of course— are involved in a daily deflection of attacks. But the real gap is thata retaliatory offensive system is yet to be created.

And it’s not difficult,said sources. Chinese networks are very porous — and India is anacknowledged IT giant!

Thereare three main weapons in use against Indian networks — BOTS, key loggersand mapping of networks. According to sources in the government, Chinese hackersare acknowledged experts in setting up BOTS. A BOT is a parasite programembedded in a network, which hijacks the network and makes other computers actaccording to its wishes, which, in turn, are controlled by "external"forces.

The controlledcomputers are known as "zombies" in the colourful language of cyber security,and are a key aspect in cyber warfare. According to official sources, there areclose to 50,000 BOTS in India at present — and these are "operational"figures.

What is the danger?Simply put, the danger is that at the appointed time, these "external"controllers of BOTNETS will command the networks, through the zombies, to movethem at will.

Exactly a yearago, Indian computer security experts got a glimpse of what could happen when atargeted attack against Estonia shut that country down — it was done byone million computers from different parts of the world — and many of themwere from India! That, officials said, was executed by cyber terrorists fromRussia, who are deemed to be moredeadlier.

The point thatofficials are making is that there are internal networks in India that arecontrolled from outside — a sort of cyberspace fifth column. Hence, theneed for a more aggressivestrategy.

Key loggers issoftware that scans computers and their processes and data the moment you hit akey on the keyboard.

Thisinformation is immediately carried over to an external controller — sothey know even when you change your password. Mapping or scanning networks isdone as a prerequisite to modern cyber warfare tactics. MEA has a three-layeredsystem of computer and network usage — only the most open communication issent on something called "e-grams".

The more classified stuff usesold-economy methods — ironically, probably the most secure though a lotmore time-consuming. The same is true of other critical areas of the government.But the real gap inside the national security establishment is one ofunderstanding the true nature of thethreat.

National securityadviser M K Narayanan set up the National Technology Research Organization,which is also involved in assessing cyber security threats. But the cybersecurity forum of the National Security Council has become defunct after the USspy incident. This has scarred the Indian establishment so badly that it’snow frozen in its indecision. This has seriously hampered India’sdecision-making process in cyber warfare.