
High time India counters China, Pak cyber armies

August 17, 2012 13:32 IST

Defence Minister A K Antony recently told the Lok Sabha that steps had been taken to strengthen the security of the network at the Eastern Naval Command at Visakhapatnam in the wake of intelligence inputs regarding possible hacking.

He also said in a written reply that the matter has been investigated.

The first signs of this very important network being hacked came to light in November 2011 when intelligence agencies suggested that there were attempts being made to hack into the network which contains sensitive information.

Following this input a board of inquiry comprising experts was set up and it had been found that some of the systems in the naval command had been bugged by hacker groups.

During the inquiry it was found that some Chinese hackers had managed to bug the systems, but it was also discovered that not much damage had taken place and no sensitive information had gone out.

The bigger worry for India was that the incident took place at the Eastern Naval Command which houses the nuclear submarine, INS Arihant.

The defence minister made his statements in the Lok Sabha based on the inquiry conducted by the board of inquiry which found that very little data had been lost as a result of the bugs.

This is, however, the second time that an incident of this nature has been reported in the Indian Navy. The first time around it was found that some officers had deliberately leaked some information and action had been recommended against them.

This time it appeared to be a bit more serious and had the Indian agencies not reacted soon, the leaked data could have become a serious problem.

During the inquiry it was also found that the main culprits behind the latest incident were a group from China. They had managed to break into some of the systems, plant bugs in them and get the information relayed to an IP address based in that country.

Although there is strong proof of a foreign hand being involved in this incident, the bigger problem that agencies found was that some persons within the base could have also played a role in this.

During the inquiry, five mid-level officers were questioned. Although their role in this issue cannot be attributed directly, it was found that there were some procedural lapses which led to such an incident in the first place.

It was found that some of these officers had carried their pen drives with them. It was the virus from these pen drives which helped the hackers enter the systems. These officers are under scrutiny and action is being proposed against them. Whether it was a mere procedural lapse or whether there was more to it is something that only further inquiry will reveal.

The inquiry also found that the virus on the pen drives managed to collect and transmit data, which was later found on a Chinese IP address. The virus which infected the systems created folders which were hidden and collected documents.

Sources say that the biggest threats to our networks in India come from China and Pakistan. Although Pakistan has been found to hack into government sites, when it comes to secret defence-related information it is the Chinese who are the cause of worry.

According to cyber forensic agencies involved in this probe, China has been creating cyber battalions who are specifically trained to break into networks. They hack into the networks with the help of the various kinds of virus that they create and wait for some procedural lapses within the system to attack.

The National Technical Research Organisation had recently warned that India will need to create a stronger system in order to counter this threat. China has probably one of the biggest cyber armies and their dominance over the Internet space is not a secret.

China has an annual budget of $60 million (about Rs 336 crore) for such activities and it is said that there are nearly 10,000 people who comprise the horrific cyber battalion.

"It is almost state-funded terrorism against India," says an official.

"The Chinese over the years have improvised a great deal in hacking and they use everything right from bots, malicious codes, key loggers and Trojans to gain access to Indian systems," he adds.

Today the Chinese have found the social network to be a useful tool to further their goals. With the advent of the social media, many officers have been creating accounts on sites such as Facebook and Twitter.

The updates that they post with their location have been a source of great information for the Chinese hackers. They are constantly pulling out the lists of names and keeping track of these officers.

Although the officers do not post sensitive information on these sites, the hackers still manage to gain access to their location and other personal details. These hackers also look for detailed information on social networking sites such as political affiliation or religious beliefs of these officials, and based on that they at times have tried to approach them and enter into a conversation with them.

India would now like to ensure that officials working at such sensitive installations dealing with defence should not be on social networking sites as they are being monitored and watched for very different reasons.

The NTRO, headed by Prime Minister Manmohan Singh, has its job cut out. Although it has managed to neutralise scores of such attacks, there have been cases where it has also found that the system in question has been under the control of a foreign agency for quite some time.

This leads to the debate on setting up a full-fledged cyber command and also enhancing the strength of India's cyber army.

However, the general complaint is that India is not yet ready to hire the services of ethical hackers. Many such ethical hackers have backed out since they feel that the government does not spend enough on them and there is hardly a line of protection.

Apart from China, India also faces a great deal of risk from the Pakistan cyber army. Some 112 Indian sites have been hacked and defaced in the past couple of years and it was found that a large part of it happened thanks to Pakistan.

The cyber war between India and Pakistan began in 1998 when the latter hacked into the website of the Bhabha Atomic Research Centre.

Experts say, however, that the threat from the Chinese is much greater than that from Pakistan. The Chinese are only looking to extract important information from our defence mechanism while Pakistan is more about defacing websites to show supremacy.

Vicky Nanjappa