Defence Notes
New Delhi, 9 July 2012
China’s
Cyber Warfare
IS
INDIA BATTLE READY?
By
Col (Dr) PK
Vasudeva (Retd)
On 30th June
last, India woke up to Chinese
hackers having broken into sensitive naval computer systems in and around Visakhapatnam, the Eastern
Naval Command’s headquarters. Worse, they planted bugs (virus) that secretly
collected and transmitted confidential files and documents to Chinese IP
addresses.
This is significant given the fact
that the Eastern Naval Command plans operations and deployments in the South
China Sea, the theatre of recent muscle flexing by Beijing, and beyond. Also, India’s first
nuclear missile submarine, INS Arihant, is currently undergoing trials at the
Command.
Recall, cyber
espionage first came to light in January-February last. Wherein New Delhi immediately got
naval resources and other cyber forensic agencies to track down the
hackers. Needless to say, Beijing had been accused
earlier too of using “cyber battalions”, specially trained military staff, to break
into sensitive computer systems across the world.
Undeniably, it has used its
expertise as a cyber-power to access highly confidential information relating
to national security of other countries, including India. In fact, New
Delhi should take note of this, not only because of its
historically contentious relationship with Beijing
but also due to China’s “all
weather friendship” with Pakistan.
Especially against the backdrop of Islamabad
continuing sponsorship of terror across Indian borders especially Jammu and Kashmir.
Pertinently, just as armies fight on
land, navies at sea, and air forces in air, national cyber-forces now fight in
the online world. Indeed, cyber warfare is the new emerging battle front. Sadly,
it is a battle that India
is ill-equipped to wage. Resulting in the country being under-defended against
sustained, damaging State-level cyber attacks.
Asserted renowned virus hunter Mikko
Hypponen to India Site: “We’ve traced most of the cases of hacking against
India not to Pakistan, or Russia,
nor anywhere else, but to China.”
Undoubtedly, China has a
large cyber army besides using a network of patriotic and mercenary hackers which
enables the State to deny responsibility. As Beijing has extensive control over its
Internet, it needs no rocket science to decipher that these attacks are
pre-planned as a part of its Government’s military strategy.
In fact, there is nothing to stop
China, unless India develops its own tools for cyber warfare, warns the National
Technical Research Organisation (NTRO), the agency principally involved in
investigating the damage caused by Chinese hackers. This outfit is directly
under the Prime Minister.
Notwithstanding, New
Delhi and Beijing
might be talking peace, but it still has to address and grapple with how it
will counter this full-blown cyberspace war. A TV media channel recently
presented a frightening scenario. Showcasing how Chinese hackers targeted
Indian computers with their deadly digital arsenal.
Significantly, with a staggering $55
million annual budget pumped into its devious science of strategic hacking,
nothing is sacred for Chinese hackers. Given that Beijing
views India
as its biggest enemy. According to Toronto
University's Munk Centre
for International Studies, Chinese hackers are known to function as a covert
arm of the Chinese navy. And like Pakistani jihadis,
the Chinese Government denies their existence.
Furthermore, hacking is
institutionalised in China
wherein virus writing is taught in Chinese military schools. Along-side, the art
of hacking is very much a part of the training imparted to a growing army of nearly
10,000 cyber soldiers.
In addition, the Red Hackers
Alliance, the fifth largest hacker group in the world, is known to render
services directly to the Chinese Government. With the Alliance
at its disposal, Beijing
enjoys supremacy in hacking techniques.
The Chinese hacking force uses
malware, spyware, key loggers, Trojans, bots and malicious code generators to
break into Indian computers, copy documents, ex-filtrate sensitive material and
bug classified correspondence. Basically, without a dedicated Indian
cyber-security organisation, the country will remain a sitting duck.
It is no secret, that the country faces
increased cyber warfare than most nations in the developed world. A prominent Russian
security expert Dmitri who has worked with the Indian Government, averred:
“A State-funded terrorist group, perhaps pushed by some elements of a Government,
could be a danger. For the foreseeable future the threat from Stuxnet like
attacks will come from nation States”.
Adding, “India is definitely at risk as it
is in a very unstable part of the world with a constant threat of war. It should
assume that it will be compromised, and ask how to ensure that it doesn’t break
the country, economy or damage national security.”
As it stands, in
the last three months, 112 websites of the Government have
been hacked by a Pakistan-based group known as H4tr ck. Whereby, the authorities
have finally woken up to the fact that India is facing a major cyber threat
that might continue unabated for sometime.
Recently, the
Bharat Sanchar Nigam Limited’s website was among those which were hacked. Also
targeted were websites of the Union Human Resources Development Ministry, Union
Finance Ministry, and Union Foreign Ministry as also various State Governments
and educational sites.
Remember, New Delhi was left
red-faced when the Central Bureau of Investigation’s high profile website
was hacked a few months ago. According to sources, crucial data on the website
was either lost or deleted due to the attack.
World-wide many
countries are busy setting up systems to battle cyber warfare. In 2009, US President Barack Obama declared America's
digital infrastructure to be a "strategic national asset," and a year
later the Pentagon set up a new U.S. Cyber Command (USCYBERCOM), headed by
National Security Agency’s (NSA) Director to defend American military networks
and attack other countries' systems.
Ditto the case
with the European Union which has set up ENISA (European Network and
Information Security Agency) with further plans to significantly expand ENISA's
capabilities. The United
Kingdom too has a cyber-security and
"operations centre" based at the Government Communications
Headquarters (GCHQ), British equivalent of US’s NSA.
All in all, despite efforts to ramp
up a cyber army, the Government’s cyber defences are only as strong as their
weakest link. The National Technical Research Organisation, the apex
group under the Prime Minister’s Office tasked with India’s cyber-security, responds to
the attack and neutralizes it. But not before discovering that some of its
machines have been under hostile control for over two years.
Therefore, India needs to urgently install a Cyber Command
like the US
under the Chief of the Defence Staff (CDS). The Government needs to wake up
before it is too late. ---- INFA
(Copyright, India
News and Feature Alliance)
New Delhi, 9 July 2012
|