Continue reading »]]> Cyber security researchers and analysts have uncovered the existence of a spy network based in China that was used to steal sensitive, classified government documents from India – as well data from the Dalai Lama’s office and the United Nations.

The “Shadow Network”, as this network is now known, has been traced to two people living in Chengdu, China.
China is largely believed to possess a Cyber Warfare Doctrine that is designed to achieve global “electronic dominance” by 2050. With a yearly budget of $55 million allotted for it and over 10,000 hackers working in tandem, China is second only to U.S. when it comes to cyber snooping prowess.

As more details emerge about the intentions of these hackers, it is clear that they had targeted the upcoming Commonwealth games in India. The idea was to make Commonwealth games an utter failure later this year. The plans included studying the network architecture of the entire Commonwealth games IT infrastructure. This includes ticket sales, online registration servers all of which would crash at the time of the inaugural ceremony. The hackers had also looked into tender documents for the Commonwealth games network infrastructure. Intelligence agencies feel this could be for studying vulnerabilities in the system for possible attacks.

As to how the latest attacks happened, the modus operandi was simple. Individuals in the ministries were sent emails from a genuine looking nic.in mail address. The email had a PDF attachment that was infected. Accounts on Twitter, Yahoo Mail, Google Groups, Blogspot and other social-networking sites were used to update compromised computers and to host malware, according to the report.

Isn’t it high time that we pull up our socks and deal with this grave security threat?

Continue reading »]]> IANS / PTI

The Hindu

March 2010

http://beta.thehindu.com/business/article193044.ece

There have been attempts to hack into the government computer network, but till date there has been no loss of vital information, says Minister of State for Communication and Information Technology Sachin Pilot.

“Yes, there have been attempts but I can categorically say that not one attempt has been successful,” the minister said. “The government’s computer network system, maintained by the National Informatics Centre, is highly efficient,” Mr. Pilot told IANS in an interview.

Earlier this year, hackers tried to penetrate government computers in vital ministries including the office of the National Security Adviser (NSA). These attacks, officials said, originated in China.

According to the Computer Emergency Response Team, a cyber security advisory and referral agency of the Department of Information Technology, 570 Indian web sites were defaced by hackers during January this year, against 271 during the like month of last year.

During the whole of last year, a total of 6,023 cases of defacement were reported.

The agency also said that during January, out of 246 cyber-security incidents, as 63 percent related to spamming, 18 to phishing, 8 percent to malicious viruses, 76 percent to unauthorised scanning and the rest to other categories.

Former NSA M.K. Narayanan, who is currently West Bengal governor, had stated that his office and other government departments were targeted on the same date that U.S. Defence, Finance and Technology companies, including Google, reported cyber attacks from China.

The hackers had sent an e-mail with a PDF attachment containing a Trojan virus. But the virus, which allows hackers to download or delete files, was detected and officials were told not to log on until it was eliminated.

Mr. Pilot pointed out that such hackers were usually scanning the entire system to find weak spots. “But our people are very efficient and well trained. Safeguards have ensured that national security has not been breached.”

The Ministry of External Affairs and Indian embassies have instituted stringent protocol on the use of e-mails by serving officers, which includes frequently changing passwords and using e-mails only for routine communication.

Besides, the ministry has instituted a periodic security review of all computers to ward off cyber threats.