- The 'Doosras'
March 2, 2013
The best of the web for those who love the gentleman's game.
February 16, 2013
Do you want to know the secret behind the working of a robot or a piano?
- Worth a thousand words
February 16, 2013
Photography websites that inspire, educate, entertain and amuse.
- In This Section
- Entire Website
From the Times Of India
- MOST POPULAR
Cyberian war games
Cyber warfare is no longer only about stealing information or defacing websites. Enemies may shut down power grids, disrupt air and rail traffic and bring down financial networks. Is India battle-ready?
In the summer of 2009, Stuxnet, among the deadliest electronic 'worms' ever to be unleashed, began to insidously spread around IT systems across the world. Over the next several months, the computer worm looked out for programmable logic controllers, tiny computers that regulate industrial systems, that it could take control of. Though its target was Siemens machines that controlled the centrifuges of the Iranian nuclear programme, one of the destinations that Stuxnet landed in was India. The worm - what many call the first cyber offensive weapon with the power to cripple significant industrial capabilities - was unprecedented in many ways. It has even been compared to an army of armed UAV drones. It is now clear that the Stuxnet project - codenamed Olympic Games - was the product of the US's National Security Agency, and maybe the Israeli military too. It was specifically created to target Iran's nuclear enrichment center at Natanz, and it did so with considerable success. The centrifuges spun out of control. Because Iran was the target, India was spared. It was largely providential. No thanks to India's capabilities to take on a sophisticated cyber attack. India was definitely not aware or awake to the possibilities of sneaking attacks through modern IT networks. "It (the Stuxnet intrusion) was probably unintentional, but an intentional attack on India's critical infrastructure cannot be ruled out, " says one of the seniormost officials responsible for India's cyber security. "We haven't yet seen a cyber attack, only intelligence gathering. An attack that can debilitate our infrastructure is what we must be prepared for, " he adds.
PLAYING CHINESE CHECKERS
The realities of the cyber world are not very different from the physical world. Most of the same issues - lack of capability, strategic flux and even the tactical alliances - are at play in the cyber world too. But unlike the real world, warfare is decidedly archaic in the virtual world - no rules, no norms, and definitely no human or machine rights.
India's primary cyber challenge emerges from its two major neighbours, China and Pakistan, although attacks may not be limited to these two alone. While Indian agencies examining cyber attacks believe that most such assaults on Indian networks, especially government-controlled critical infrastructure, originate from China, there is increasing proof that these attacks are far more widespread and originate from sources other than Chinese servers. Says a cyber security official: "We are seeing increasing evidence that many of the attacks that seem to be from China are not really so. They are being masked in very sophisticated manner to mislead us about their real origin. " There is also the realisation that attacks are not about defacing a website anymore. "What we are seeing are several trends. There are straight attacks, meaning efforts to enter your critical infrastructure but where we can identify the origin. Two, there are attacks that are masked so well that we are unable to track down the origin of the attacks. In the third case our networks are being used by other countries to target third countries, " the senior official says. "Beyond all that are real attacks that can cripple our networks, cause chaos and result in many kinds of loss". A few months ago, the South Korean government lodged a diplomatic protest with New Delhi, accusing it of trying to carry out cyber attacks on its networks. The protest surprised New Delhi, since it had never targeted South Korea. As technical intelligence operatives got down to verifying the accusation, it turned out that some other entity had used official government servers controlled by the National Informatics Centre to target South Korea. Suspicion obviously fell on North Korea, but no hard evidence linking that country to the attacks has been uncovered.
Such organised attacks are now targeting networks and computers where state secrets and other sensitive information are stored. "That is only the first stage. We are expecting to see more sophisticated attacks targeted at networks controlling power, air traffic control etc," says the same senior official.
A worm like Stuxnet can enter a network, spread itself, and stay undetected to cause catastrophic destruction. Indeed, the day is not far off when organised hacking will be able to shut down a nation's power networks, disrupt air traffic by intruding into Air Traffic Control systems, manipulate factory settings and wreak havoc elsewhere.
Even the most deadly attacks usually begin with just an email, say Indian officials handling cyber security. An email pretending to be from a dependable contact is usually sent with a malicious worm attached. The worm gains entry into a system when such attachments are opened. It then spreads across the network, taking out sensitive files, or causing other kinds of disruptions. Only in rare cases does a worm need to be injected into a system through options other than email.
In a report released in May titled 'India's Cyber Security Challenge', prepared by the New Delhibased Institute of Defence Studies and Analyses, a team of researchers discuss the "events of 30 June, 2020. " The futuristic scenario they paint is of widespread destruction unleashed by malware programs. A nation-wide telecommunication disruption, satellites thrown out of gear disrupted air and road traffic, collapse of power grids, explosions and fires in oil refineries, rail network disruptions and derailments, collapse of financial services including ATMs, collapse of health services, lethal clouds of noxious gas escaping from chemical plants into the air, and severe disruption of military capabilities. Such a scenario is not entirely the product of overactive imaginations.
New Delhi may have been late to wake up to the challenges of cyber warfare, but it has certainly got cracking now. In May, a senior leader of the UPA government articulated its concerns and urged preparation to meet all kinds of cyber threats. National Security Advisor Shiv Shankar Menon said India was creating a "coherent and comprehensive" policy to deal with cyber threats in what he termed an "anarchic new world".
"(The) government is in the process of putting in place the capabilities and the systems in India that will enable us to deal with this anarchic new world of constant and undeclared cyber attack, counter-attack and defence, " Menon said. He pointed out that the Computer Emergency Response Team-India (CERTIN ) was able to ward off "a staggering 8, 000 cyber attacks" during the 2010 Commonwealth Games.
Menon said that the government was putting in place a system of certification and responsibility for telecommunication equipment and is working on procedures and protocols which will rationalise communication interception and monitoring. The NSA also spoke about the need to "harden our critical networks" and that the government "will develop metrices to certify and ensure that our critical cyber networks, equipment and infrastructure are secure".
Such a policy "must include the entire scientific and technological strength of the country, whether in laboratories, universities or in our private sector firms. " Authoritative sources have also informed TOI-Crest that such a policy is in the works, and is most probably in the final stages of being cleared. The national policy to protect Indian cyber infrastructure, one senior official said, is likely to be approved by the National Security Council (NSC) headed by the Prime Minister any day now.
THE BEST FORM OF DEFENCE
According to the details of the policy provided to TOI-Crest, the government would also designate two agencies to carrying out offensive attacks on critical networks of other countries. The NSC would look to designate the Defence Intelligence Agency (DIA) and the National Technical Research Organisation (NTRO) as Indian agencies for carrying out offensive cyber operations, if necessary, on foreign countries.
The move means both DIA and NTRO would not only gather information from foreign networks, but would also be tasked with preparing for possible attacks on critical infrastructure in foreign countries. This could be targeting their power grids, satellite networks, air traffic controls, road traffic etc. Such attacks would be unleashed "as and when necessary", says one official. He said all the other intelligence agencies would be authorised to carry out intelligence gathering on foreign networks.
Under the proposed policy, CERT-IN (Computer Emergency Response Team, India) would be responsible for protecting much of India's cyber space, while NTRO would protect critical infrastructure. The policy envisages NTRO creating a National Critical Information Infrastructure Protection Centre (NCIPC), a round-the-clock monitoring centre, providing real time response to cyber security breaches on critical infrastructure. CERT-IN would also create CERTs for various sectors - such as power or air traffic - to respond better to any attacks on them.
Significantly, the proposed policy places the entire responsibility of protecting military networks entirely on the shoulders of the defence forces themselves, with the DIA as the lead agency. Sources say that both NTRO and Intelligence Bureau would primarily be responsible for the security of various government networks too. While the former would operate through NCIPC, IB would look mostly at the physical security of these networks. State police forces, CBI, NIA etc, would carry out any follow-up action once an intrusion is detected.
A change in perspective might also be required, however. A senior official admitted to TOI-Crest that even though this new policy is a giant leap forward for India, it might not prove adequate. "It's work in progress, " he demurs. Unlike countries such as the US, which have already designated cyber attack as an act of war, New Delhi does not intend to come up with any such classification. At least for the time being.
Register for Full Access to the Crest Edition
Don't have a Facebook Account? Sign up for Times Crest here.