Tuesday, March 26, 2013

How prepared is India for cyberwar


An apocryphal story from North Korea is that the next thing a child is taught in school after the late dictator Kim Il-sung's interpretation of Marxism-Leninism is computers. The best ones among them, according to reports that have appeared in CNN.com and Canadian daily Macleans, are picked to train themselves in the art of hacking, especially of international gaming sites, to rake in millions that go into the nuclear programme of this poor "Stalinist" regime beset with malnutrition deaths and starvation.
A few days ago some of these teenagers allegedly attacked the computer networks of three broadcasters and three banks of rich rival nation South Korea, paralysing operations.

According to reports in Al Jazeera Online, Macleans and various US dailies, the North Korean government scours universities and high schools for prodigies to send them to "friendly countries" and train them in cyberwarfare. China, which is increasingly emerging as the fount of cybercrimes in the world, has long been recruiting young adults; it is following in the footsteps of Israel's Talpiot Programme, which, launched in 1979, recruited math-proficient teenagers to help boost the country's technological prowess.

Where does India stand?

A few countries along with terrorist organisations of all hues are wreaking havoc across the world, displaying their cyber prowess at crippling infrastructure — political and financial — of countries without deploying conventional violent means. The West, especially the US, is vigorously putting in place systems to combat the menace.

How prepared is India? The country's core assets such as power grids and financial and transport networks are fast getting connected to the internet and more official data are getting stored online. Hostile neighbours and wily groups of global and local extremists are equipping themselves in no-holds-barred cyberwarfare — the Assam riots a few months ago that triggered a widespread exodus of north eastern students from cities such as Bangalore confirmed the subversive games they play through social networks.

According to a home ministry official, the most frequently attacked networks include the Prime Minister's Office and the ministry of external affairs. Though DRDO comes on this list of targets, the nodal defence research agency keeps issuing statements denying any attack on its networks. Sure, our authorities are concerned. But are they doing enough to prevent such attacks?

Coming of age

Renowned American military strategist Edward Luttwak can't hide his scorn at "people (especially in India) talking suddenly about cyberwar years after it had started." He also disapproves of the widespread practice of differentiating cyberspace from land, air and sea. "It should ideally be an integrated effort," he says, referring to cyberdefence as the fourth arm after the army, navy and air force. But he insists that what is required for combating cyberstrikes — terrorist or otherwise — are teams manned by teen recruits.

Gulshan Rai, who heads the Indian Computer Emergency Response Team (Cert-In), can't agree with him more. He says India is tapping into a pool of young talent to fortify its anti-cyberwar strength. Rai is expected to become the first national cyber security coordinator (NCSC), a position being created to coordinate among all cyber agencies in the country. Rai notes that steps have been taken to "involve" young people in R&D for cyber security.

True, India has not been sleeping over it all along. Nearly a decade ago India's military intelligence team had hired a few bright young men to work on something special. The word hacking wasn't very uncommon by then, but what they did was.

According to a person who was part of the team and a defence ministry official, these "brainiacs" not only accessed Pakistan government's networks, but also snooped on the US embassy's network in Islamabad and retrieved what news portal Rediff — which reviewed the "hacked" documents a decade ago — called the "US roadmap for Pakistan."

The leaked documents contained the entire US game plan in the region and touched upon various sensitive subjects, including Kashmir. They also revealed the American plan for what South Asia Tribune, a US-based online newspaper, termed "clipping General Pervez Musharraf's wings" by 2004. The US, for its part, had denied the existence of any such roadmap.

We aren't always behind

So hiring teens or young adults to work towards enhancing a country's cyber capabilities isn't anything new, even in India. Mahindra & Mahindra's security chief Dinesh Pillai says: "It is absolutely impossible to create such strengths without involving teens." Gabi Siboni, director of cyberwarfare programme at Tel Aviv University's Institute for National Security Studies, agrees and says such a move alone makes sense.

He explains that human capital and technological knowledge start at a very young age in the cyber sphere. "We see the phenomenon of brilliant analytic youth with excellent hacking capabilities. Therefore, catching them young is the way to go about doing it," he says.

India started off well, perhaps, recalls a defence ministry official asking not to be named. But like in most cases, he admits, "We couldn't sustain the momentum. Especially in the face of a growing Chinese threat."

Enter the dragon

Siboni has studied China's cyberwarfare for long. Quite surprisingly, China began to focus on it around the same time or a little after India made decent advances in that direction, hiring young talent to spy on official networks of rival countries and outfits — and sometimes political opponents.

But unlike India's, China's strategy was not a standalone one. According to Siboni, it was part of a "profound modernisation" undertaken by the Chinese military in the last decade. In an exhaustive research paper he co-authored, titled 'What Lies Behind Chinese Cyberwarfare', Siboni says Beijing's plan stems from the awareness that its armed forces are structurally inferior to those of the West.

Therefore, along the lines of Sun Tzu's key instruction in The Art of War, the Chinese decided to "avoid strength and attack weakness." China knew that it had to confront an enemy with technological superiority in the information flow, Siboni says. "The assumption is that during a confrontation, the ability to damage the flow of information would allow China to attain an advantage in the physical battlefield," he explains.

Stealth operations

Some of the major cyberattacks attributed to China over the past several years include Operation Aurora, which was to gain access to Google's password mechanism. Through the 2011 attack on cybersecurity company RSA, the US claims, China wanted to steal a "great deal" of military-related intellectual property.

Northrop Grumman, which analysed the attacks, noted that "the attackers were highly disciplined." It stated that none of them opened the files to scan for content, but straight away copied them, indicating that they had prior information about the content.

Another operation by Beijing, Operation Nitro, was meant to perform technological espionage of US utility companies. The Chinese also meticulously targeted human rights organisations working on its soil, then Japanese motor industries and so on, according to research reports by Israel's Institute for National Security Studies.

Other operations included The Night Dragon and Shady Rat attacks which targeted government organisations, energy companies, communication networks, security and financial firms and so on. It was China's Skypiot back-door programme — like Talpiot, comprising cells manned by teens — that has served the Chinese cyber-offensive since 2006.

Country under fire

Though the Chinese have mostly targeted the US and other developed countries, they are said to have zealously hacked Indian government networks for information theft, says a defence ministry official who asked not to be named. "But there is enough proof that they have a desire to damage our infrastructure in the future," he says without elaborating.

In the face of fears that the Chinese or terrorists may target India's power grids, transport networks or financial systems, the government has, a few weeks ago, created joint working groups from across industrial segments under the national security adviser to enlist the private sector's support in combating cybercrime.

The objective of the move is to set up a cybersecurity architecture and to boost both its cyber defence and offence capabilities, anticipating that, like the US, India too will face heightened attacks. Cybercrimes on Indian official networks have risen from 23 in 2004 to over 13,000 in 2011, according to CERT data.

Meanwhile, the discovery of Stuxnet, a cyberworm, in Indian systems has sent intelligence agencies into a tizzy. Researchers at Toronto's Munk Centre for International Studies say a Chinese network, GhostNet, had infiltrated networks of the Indian government as well as those of the exiled Tibetan leader Dalai Lama. "The security posture of the infrastructure has been strengthened [ever since]. It is a continuing effort," says Rai.

According to the home ministry official, plans are afoot to tap high schools and institutions of excellence such as IITs to hire "brainy and patriotic young ones" who can contribute to developing the country's security on the cyberfront. A Chennai-based defence expert said that most countries do it, but don't talk about it, referring to cyber offence on rival countries. He spoke on condition of anonymity. "Whatever that is, if cybersecurity is a coin, it has two sides: defence and offence," insists the home ministry official.

The good, the bad and the ugly

According to Siboni, the strongest countries in terms of cyber military capabilities are the US, China, Russia, the UK and Israel. "Countries that do not invest in IT protection will become [or already are] easy targets of criminal elements," he warns.

Indian IT capabilities aren't bad, vows Rai. Both the defence and home ministry officials agree. "Where we lack is in government policy formulation as well as implementation," says an intelligence official who also spoke on condition of anonymity. True, India pales in comparison with China in seminar-room comparisons. However, India is home to a strong community of white hats — or hackers who do the job for a fee. After all, the country has several institutes that teach so-called ethical hacking.

A recent cyberstrike into the accounts of high networth individuals by so-called hacktivists — like the group Anonymous, which calls itself a Hydra (if you cut its head, 10 more will appear in its place) — was traced to the server of a private institution that teaches ethical hacking in India. Hackers trained there have also reportedly attacked computer systems in an airport in a southern Indian city. Several other analyses say many cyberattacks have emerged out of servers based in India, indicating untapped potential within the country.

The eye of terror

The US has often warned countries resorting to cyberwarfare against it of retaliating with traditional warfare. "That is laughable," says an Israeli professor who was once part of the Talpiot Programme. "Where do you send your missiles to?" he asks, adding that such "hacktivists infest a similar turf that is frequented and created by terrorists to communicate among themselves, called DarkNet."

You can't afford to wage a war against them from outside cyberspace, he insists. Yoram Schweitzer, a Tel Aviv-based colleague of Siboni and an expert on terrorism and low-intensity warfare, notes that "cyber offence has the potential to change society's balance of power because it empowers those engaged in asymmetrical conflicts that operate from a position of inferiority, especially terrorist organisations... Already today, global jihad terrorist organisations are making use of cyberspace, though still in a limited fashion."

Currently, Schweitzer points out, terrorists mostly use the internet for propaganda, recruitment, fundraising, internal communication and gathering information. Soon, they may go on the offensive and strike in an unpredictable fashion, like those far-fetched scenarios in 1990s' Hollywood movies, such as Die Hard coming true decades later. The movie showed terrorists feeding false data into computers that leads to the crash of a plane.

"Be on your guard and work hard in developing capabilities in this newest arm of defence," says the defence ministry official. Sunil Khilnani, professor of politics at King's College who has written extensively about cyberwarfare, has no doubts that the most competent people in the field of cyber defence are young.

"That is the right group from which to recruit," he asserts. He adds a caveat to it: "Such smart young students are often quite independent-minded themselves, so it may not always be the case that they will simply do what they are supposed to do!"

"Indeed, teen spirit helps. But discipline is key," says a DRDO scientist, referring to the need for instilling a sense of purpose in young recruits to work for enhancing the country's cyber defence and offence acumen.
