[iwar] [fc:War.in.cyberspace]

From: Fred Cohen (fc@all.net)
Date: 2002-06-03 13:36:15
Next message: Fred Cohen: "[iwar] [fc:When.hacking.competitions.go.wrong]"
Previous message: Fred Cohen: "[iwar] [fc:Study:.Open.source.poses.security.risks]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200206032036.g53KaG532020@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Mon, 3 Jun 2002 13:36:15 -0700 (PDT)
Subject: [iwar] [fc:War.in.cyberspace]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

War in cyberspace

By Subimal Bhattacharjee, The Indian Express, 5/31/02
<a href="http://www.indian-express.com/full_story.php?content_id=3562">http://www.indian-express.com/full_story.php?content_id=3562>

Pakistan is not restricting itself to pushing terrorists across the
border to India. It is active in other manners, both overtly and
covertly, to cause disturbances in India. 
Some of the overt means are the fanning of communal tension across the
country and training terrorists from regions as far as Northeast India.
Among the covert activities, it has most significantly started
supporting and funding groups involved in cyber attacks on Indian
networks. 
Such cyber attacks have been directed against the Indian government and
corporate networks. These cyber attacks get intensified when the
physical skirmishes and tensions escalate between the two nations. 
During the Pokharan nuclear blasts in 1998 and the Kargil conflict in
1999, many such attacks were witnessed. These attacks have stayed and
increased in incidence and vigor ever since. The present tensions could
also have renewed attacks from Pakistani cyber forces. How concerned and
prepared are we to thwart such attempts? 
Just after September 11, the Institute for Security Technological
Studies at Dartmouth College, USA, issued a predictive analysis paper
which dwelt on the possibility of cyber attacks in the context of the
War against Terrorism. In that Analysis, it has been mentioned that
cyber conflicts immediately accompany physical attacks. This trend has
been witnessed in many of the existing conflicts in the world and the
India-Pakistan cyber conflict was also shaping up quite steadily. 
Cyber incursions by Pakistan on Indian networks has been on for sometime
now. Since the introduction of the Internet in Pakistan, there has been
enough instances of false and misleading propaganda by Pakistan-based
and Pakistan-supported groups against India through various websites.
Most of these initial offensives were vituperative campaigns against
India and a few sites used to post morphed pictures showing brutality by
Indian soldiers to incite sentiments. 
After the 1988 vandalism of the Bhabha Atomic Research Centre (BARC)
website and critical data stolen, ISI understood the advantage of the
virtual space and emerging tactics and started funding a few select
group of hackers. 
Since then efforts have been more organised and today there are regular
attempts on the key Indian nuclear research institutions like the Indira
Gandhi Centre for Atomic Research (IGCAR), Nuclear Science Centre (NSC)
and BARC to break past the firewalls. 
Cyberspace happens to be the domain of conflict where no casualties and
exchange of fire take place. Hence, it is a non-risky job for many of
the activist groups. While psychological advantage could be perceived by
staging such attacks, the overall impact of an actual terrorist strike
can never be realised. Thus the direct use of cyber tactics by the
Pakistani Army and ISI is ruled out. 
Unlike China, which is building up a fourth arsenal totally consisting
of cyber warriors, there is no credible belief to suggest Pakistan is
also contemplating such a step. Most of the Pakistani cyber attacks
today are from hacker activist groups, organised and unorganised in
their design of execution. Some of these groups are Anti India Crew
(AIC), G-Force, Pakistan Hackerz Club (PHC), Kill India and Death to
India. There have been reports of Osama bin Laden funding some of these
groups. The Canadian CERT had issued warnings of such influenced attacks
last year. Till date no lasting damages have been done, although the
hacking of BARC website and the subsequent stealing of sensitive data
have raised concerns. 
The hacking of the Central Board of Excise and Customs website carried
out in April this year by AIC by giving sufficient notice and
challenging patriot hackers from India to prevent such an attack is
worrisome. The reported clubbing of the three main anti-India hacker
groups, AIC, G-Force and PHC, as a coalition under the banner 'Al-Qaeda
Muslim' needs to be taken seriously by India. While G-Force targets
websites with massive readerships, AIC focuses on government networks
and PHC attacks the bigger names and networks, including those of large
corporate houses. 
Most of the cyber attacks by these Pakistani forces are carried out by
planting deadly viruses, inflicting denial of service attacks, hacking
into websites, snooping into e-mails, stealing confidential scientific
and strategic data and posting malicious mails and propaganda. It is
imperative to assess the threat perspective and do a risk analysis of
all such possible cyber attacks on the Indian networks, particularly in
the face of our extreme dependence on cyber infrastructures in the
day-to-day government and business functioning. Protection of our
critical infrastructures has to be seriously understood and defence
mechanisms need to be in place. 
While there are separate efforts by the Army and respective government
networks to secure themselves, considering the regular threats, such
defence mechanisms should be organised under one command and the
National Security Council should be entrusted the role. While firewalls,
anti-intrusion software and anti-virus products are available
commercially for protection, these versions are not always effective in
the face of such organised attacks. 
Moreover, most of the latest versions of these US products are embargoed
for countries like ours till a reasonable period of time. This is quite
surprising and under the newly formed Indo-US Joint Task Force on cyber
terrorism, this matter should be resolved and recent software and
services made available for the Indian government. The recent visit by
the US team under Lincoln Bloomfield, Chair of the President's
Commission on Critical Infrastructure has spelled out the need for
effective co-operation between the two nations to combat cyber attacks.
This could be an immediate step to set the partnership rolling. It is
pertinent to mention that many of these Pakistani cyber groups have
hacked into the US critical sites by even using Taiwan-based computer
systems as platforms recently. 
The present situation raises many questions about attacks and false
propaganda by Pakistan using the cyberspace. While anti-cyber attack
technologies have improved significantly, hackers have also matured and
become organised. In the absence of international laws to punish such
transnational cyber attackers and the surreptitious belligerence of the
Pakistani forces in the cyberspace, the best possible answer is to
remain vigilant and ready.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tied to your PC? Cut Loose and
Stay connected with Yahoo! Mobile
http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:When.hacking.competitions.go.wrong]"
Previous message: Fred Cohen: "[iwar] [fc:Study:.Open.source.poses.security.risks]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT