China Steps Up Cyber War Against India, Hacks Strategic Operations On Net

Discussion in 'China' started by LETHALFORCE, May 6, 2010.

  1. LETHALFORCE

    LETHALFORCE Moderator Moderator

    Joined:
    Feb 16, 2009
    Messages:
    20,538
    Likes Received:
    6,539
    http://www.allheadlinenews.com/articles/7018604882

    Chengdu, China (AHN) - Detailed investigation has revealed that a cyber spy network is operating out of China, which is targeting the Indian business, diplomatic, strategic and academic interests. After this revelation was made, the Indian Army sounded an alert to avoid any damage to its cyber operations.

    The existence of the “fully dedicated India-specific espionage system” based in China was brought to light in a report “Shadows in the Cloud”. The report has been authored by a Canadian team, which carried out extensive research into this issue. However, experts claim that this revelation is just the tip of an ice-berg with China being involved in a whole lot of other espionage activities against India in the cyberspace.

    India’s National Technical Facilities Organization (NTRO) has indicated that a command and control system makes use of free web-hosting services and social networking sites like Twitter and Google to manipulate accounts, operated out of a “core” of servers based in Chengdu in China.

    The report was published on April 6, 2010 and its circulation increased with the growing realization of the implications that the Chinese cyber activities could have on India.

    The report says, “The largely India-centric cyber warfare system is called ‘son of ghost net’.” It further states that the email used in ghostnet was investigated under the Shadows research and was found to be associated with Xfocus and Isbase, two of the most popular Chinese hacking forums. The list of Indian computers that were found compromised due to this China-based cyber espionage is staggering. Indian missions in the US, Kabul, Moscow, Dubai, Abuja, Serbia, Belgium, Germany, Cyprus, UK and Zimbabwe were found to be infected.

    In fact, going a step further, Indian machines, located within India and related to the Indian military engineering services, were also tapped. In fact, the ghostnet targeted not only the military and diplomatic operations but think tanks like the Institute for Defense Studies and Analyses, publications like India Strategic and FORCE, corporations like DLF Limited, Tata, etc were also hacked at one point or another.

    The investigations for the report were held at Dharamshala, which is the headquarters of the Tibetan exile community in India.

    The report informed that the targeted email and social networking accounts were infected with malware, allowing them to receive more sophisticated software through attachments, which allowed the master servers in China to keep a close watch on all types of documents passing through the accounts.

    While the Indian government suffers silently, China has stepped up its cyber onslaught on Indian machines in the past one and a half years.

    According to cyber experts, repeated assaults on Indian computers and network accounts provides the Chinese officials an opportunity to familiarize not only with the content of these accounts but also to devise new means of disabling the networks, which might come in handy during a conflict in the future.
     
    nrj likes this.
  2.  
  3. nrj

    nrj Stars and Ambassadors Stars and Ambassadors

    Joined:
    Nov 16, 2009
    Messages:
    9,252
    Likes Received:
    3,347
    Location:
    Brussels
    What are they planning? Die-hard 4.0 ?

    Are we going to hear any official info from GOI regarding defense against such attacks or its again all part of secrecy?
     
    LETHALFORCE likes this.
  4. tharikiran

    tharikiran Regular Member

    Joined:
    Jun 11, 2009
    Messages:
    647
    Likes Received:
    343
    Location:
    Hyderabad,India
    I think any gov. site can be taken down one way or the other.Be it Chinese, be it Indian. No big deal.
    I don't think military networks will be open. They won't get an entry point.Let them Die Hard.... they will get nothing out of it.

    Indians usually are good at learning from others mistakes. We got the Pentagon and the other US agencies to learn from.
    Their networks were breached.
     
  5. RAM

    RAM The southern Man Senior Member

    Joined:
    Jul 15, 2009
    Messages:
    2,242
    Likes Received:
    210
    Location:
    Bharath
    Crisis Management Plan for Cyber Attacks

    The Minister of State for Communications & Information Technology, Shri Sachin Pilot in a written reply today informed Rajya Sabha that the Government has taken several measures to detect and prevent cyber attacks/espionage. The reply stated that as per existing computer security guidelines issued by Government, no sensitive information is to be stored on the systems that are connected to Internet.
    The Government has also formulated Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors. The organizations operating critical information infrastructure have been advised to implement information security management practices based on International Standard ISO 27001.

    Ministries and Departments have been further advised to carry out their IT systems audit regularly to ensure robustness of their systems. The Indian Computer Emergency Response Team (CERT-In) has already empanelled a number of penetration testing professionals through a stringent mechanism of selection to carryout audits. National Informatics Centre (NIC), providing services to Ministries/Departments is continuously strengthening the security of the network operated by them and its services by enforcing security policies, conducting regular security audits and deploying various technologies at different levels of the network to defend against the newer techniques being adopted by the hackers from time to time.

    The Information Technology Act, 2000 as amended by the Information Technology (Amendment) Act, 2008 which came into force on 27.10.2009 provides legal framework to address the issues connected with hacking and security breaches of information technology infrastructure. Section 70 of the Act provides to declare any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure, to be a protected system. Section 70B has empowered Indian Computer Emergency Response Team to serve as national nodal agency in the area of cyber security.

    The Indian Computer Emergency Response Team (CERT-In) scans the Indian Cyber Space to detect traces of any untoward incident that poses a threat to the cyber space. CERT-In performs both proactive and reactive roles in computer security incidents prevention, identification of solution to security problems, analyzing product vulnerabilities, malicious codes, web defacements, open proxy servers and in carrying out relevant research and development. Sectoral CERTs have been functioning in the areas of defence and Finance for catering critical domains. They are equipped to handle and respond to domain specific threats emerging from the cyber systems. CERT-In has published several Security Guidelines for safeguarding computer systems from hacking and these have been widely circulated. All Government Departments/ Ministries, their subordinate offices and public sector undertakings have been advised to implement these guidelines to secure their computer systems and information technology infrastructure. CERT-In issues security alerts, advisories to prevent occurrence of cyber incidents and also conducts security workshops and training programs on regular basis to enhance user awareness.

    Ministry of External Affairs has also issued a comprehensive set of IT security instructions for all users of MEA and periodically updates them on vulnerabilities. The Indian Missions abroad have been regularly sending information on safe computing practices. All personnel posted to Indian Missions and Posts abroad are being imparted IT security training.

    http://pib.nic.in/release/release.asp?relid=61597
     
    nrj likes this.
  6. Armand2REP

    Armand2REP CHINI EXPERT Veteran Member

    Joined:
    Dec 17, 2009
    Messages:
    10,397
    Likes Received:
    2,314
    You already heard the first stage of the plan... ban all Chinese Telcos. =xy
     
  7. BunBunCake

    BunBunCake Regular Member

    Joined:
    Apr 10, 2010
    Messages:
    405
    Likes Received:
    73
    Location:
    In front of the computer
    How do we learn from the Pentagon's mistakes? The Pentagon doesn't share jack with India.
     
  8. Armand2REP

    Armand2REP CHINI EXPERT Veteran Member

    Joined:
    Dec 17, 2009
    Messages:
    10,397
    Likes Received:
    2,314
    You share two things in common with the Pentagon, you both have networks and both are being attacked by the PLA. What more do you need in common to look at approaches to network security?
     
    Oracle likes this.
  9. anoop_mig25

    anoop_mig25 Senior Member Senior Member

    Joined:
    Aug 17, 2009
    Messages:
    5,195
    Likes Received:
    2,223
    i highly doubt Chinese would be able to hack american computers and even of they done it then Americans would have upgraded their cyber security while we in india enjoy when we hear that we have successfully taped phone of some vip`s . goi doesnot know how many of its site has been infected and how many are daily being attacked
     
  10. Rebelkid

    Rebelkid Regular Member

    Joined:
    Jan 10, 2010
    Messages:
    453
    Likes Received:
    24
    How can something which is not connected to the internet be hacked ?

    Didn't know all secret info of Indian strategic operations was on a public server....
     
  11. Oracle

    Oracle New Member

    Joined:
    Mar 31, 2010
    Messages:
    8,120
    Likes Received:
    1,541
    Location:
    Bangalore, India
    Huawei part of Chinese spy network, says R&AW

    NEW DELHI: Chinese telecom major Huawei may aggressively deny any link to the China’s People’s Liberation Army, but independent assessments of Indian intelligence agencies so far clearly point out that PLA remains a customer of the company and has become more involved with it.

    The security concerns of Indian intelligence agencies about Huawei’s close connection with the Chinese security establishment are shared by the US administration and had led the latter to cancel Huawei’s 2008 bid to pick up stake in 3Com.

    Even British intelligence agencies have warned that the Chinese could cripple IT-dependent telecom infrastructure and critical services like water, power and food supplies by embedding malware in equipment installed by firms such as Huawei and ZTE.

    According to security assessments of Huawei Technologies put together by R&AW, the Chinese firm not only shares ties with the Chinese security establishment but is also suspected to be a part of its intelligence set-up. Not only was it founded by retired PLA officer Ren Zhengfei, a former director of the Information Engineering Academy of the PLA’s general staff department, in 1988, but one of the members on the company’s board was an officer of the PRC ministry of state security.

    Huawei, intelligence inputs collected over a period of time point out, is responsible for sweeping and debugging all Chinese embassies and their expertise extends to bugging of the target telecommunication and computer systems. This explains Huawei’s involvement in projects for military purposes in Iraq during the Saddam Hussein regime and also in telecom projects in Afghanistan during the Taliban rule.

    Given the adverse reports of Huawei’s alleged role in bugging systems for the benefit of the Chinese security establishment, the communication ministry has warned BSNL to test all equipment supplied by the Chinese firm for “trapdoors, black box, malwares” and check if it is susceptible to remote hacking before it can be allow to be operational.

    http://economictimes.indiatimes.com...-spy-network-says-RAW/articleshow/5900798.cms
     
    nrj likes this.
  12. mattster

    mattster Respected Member Senior Member

    Joined:
    May 30, 2009
    Messages:
    1,048
    Likes Received:
    518
    Location:
    California
    India has been asleep until the New York Times article of the China spying on Indian defense and private companies came out a few months ago

    It took a group of Canadians and American computer scientists to figure out that Indian computers were being hacked by the chinamen.
     
  13. Iamanidiot

    Iamanidiot Elite Member Elite Member

    Joined:
    Dec 21, 2009
    Messages:
    5,326
    Likes Received:
    1,493
    inda keeps its sensitive information offline.Kinda old school
     
    tharikiran likes this.
  14. Oracle

    Oracle New Member

    Joined:
    Mar 31, 2010
    Messages:
    8,120
    Likes Received:
    1,541
    Location:
    Bangalore, India
    War or peace, Chinese firms pose a security risk

    Prudence demands that in our enthusiasm for expanding our economic ties with China, we should not allow suspect companies such as Chinese telecom giant Huawei a free run of our country and access to our communications network, says B Raman

    There has been increasing focus by Indian counter-intelligence agencies on the expanding presence, activities and business of the Chinese telecom giant Huawei, which is stated to have the largest mobile telephone business network in the world after Ericsson.

    Since the 1990s, there have been concerns in Western countries over the suspected links of the company with the People's Liberation Army and Chinese intelligence agencies. The concerns initially originated from the fact that the head of the company is a retired officer of the PLA. There were subsequent suspicions and allegations that many of its employees in China and its overseas offices were either serving or retired officers of the PLA or the Chinese intelligence.

    In fact, on the basis of the allegations made by the Washington Times in 2007, the Committee on Foreign Investment in the US made a review of the security implications of business deals between Huawei and some American companies. It called for a report on the subject from the office of the director of national intelligence.

    Huawei, which greatly values its business in the US, took note of the security-related concerns being increasingly voiced in America about the dangers of doing business with it and allowing it to acquire US companies, and reportedly volunteered to employ American citizens to supervise its contracts, which could have security implications. This offer was made following reports that it might be interested in acquiring a unit of Motorola.

    Wikipedia gives the following instances of security-related fears and enquiries relating to Huawei in different countries:

    • A report of the US government's Strategic Studies Institute on Argentina published in September 2007 described Huawei as 'known to bribe and trap clients'. The report further detailed its alleged unfair business practices, such as customers being given 'full-paid trips' to China and monetary 'presents'.

    • In February 2009, the president of Indonesian mobile carrier Excelcomindo Pratama confirmed a data theft attempt by a visiting Huawei employee who 'snuck in to the general manager's network planning office'.

    • In 2005, the possibility of Huawei's bid for British telecommunications company Marconi led to a request from the Conservative Party to the British government to 'consider the implications for Britain's defence security'. Marconi was later acquired by Swedish telecommunications giant Ericsson.

    In a 2008 military report to the US Congress, the Pentagon [ Images ] stated that Huawei 'maintains close ties' with the PLA. In the same year, the proposed acquisition of US-based communications company 3COM Corp by Huawei led to a US Congress investigation and subsequent determination by the director of national intelligence that '3Com-Huawei merger would undermine US national security'.

    • In March 2009, Alex Allan, the chairman of the British joint intelligence committee briefed members of the British cabinet about the 'threat' allegedly posed by Huawei's equipment in the British national telecom network BT. ( My comment: The British media reported that the JIC chairman had told the cabinet at a special briefing that 'Huawei components that form key parts of BT's new network might already contain malicious elements that could be activated by China and which could remotely disrupt or even permanently disable the network. Such action would have a significant impact on critical services such as power and water supplies, food distribution, the financial system and transport, which were dependent on computers using the communications network to operate.')

    • In September 2009, the Australian security and intelligence organisation started investigating the alleged links between local Chinese Huawei employees and the Chinese military. ( My comment: This enquiry was started following complaints made to the Australian government by some serving and former Australian employees of the Chinese company about its alleged suspicious activities).

    In the US and other Western countries, the intelligence and security agencies keep a close watch on its activities. At the same time, this has not been allowed to come in the way of Huawei's legitimate business. This is evident from the way it has been able to expand its business in the US and Europe despite all security-related fears and enquiries. Western countries follow a policy of allowing it to operate freely in areas and fields where there are no security-related concerns and curbing its activities where such concerns exist.

    The suspicions and fears of the Indian intelligence agencies regarding the expanding presence and activities of the Chinese company arise from the results of the enquiries faced by the company in other countries, allegations of its close links with the PLA which cannot be dismissed lightly, the dangers of allowing it to operate from sensitive places such as Bengaluru [ Images ] where it has an expanding research and development centre and the vulnerability to which our critical infrastructure could be exposed in times of a possible military conflict with China, if we depend on hardware and software supplied by Chinese companies.

    One should not forget that Saddam Hussein [ Images ] lost his first Gulf War with the US in 1991 even before it started because the American firm from which he had procured most of his communication hardware and software managed to paralyse them before the troops went in. The headquarters of Saddam's army in Baghdad was totally cut off from all communication with its units in other parts of the country.

    Prudence demands that in our enthusiasm for expanding our economic ties with China, we should not allow suspect companies such as Huawei a free run of our country and access to our communication network, which could facilitate their collection of intelligence in times of peace and war and paralyse our critical infrastructure during any military conflict.

    Indian intelligence agencies have done the right thing in sounding the wake-up call. Instead of taking their warnings seriously and examining what mid-course corrections are called for in our policy of giving a free run to Chinese telecommunications companies, Minister of State For Environment Jairam Ramesh [ Images ] has chosen to ridicule the intelligence agencies and the home ministry for imposing what he has described as needless restrictions and for being paranoid about Chinese investments. He has been quoted as saying: 'We are imagining demons where there are none.'

    One could not think of a more unfortunate, ill-informed and worrisome remark.

    The writer is additional secretary (retired), Cabinet Secretariat, Government of India, New Delhi, and, presently, director, Institute For Topical Studies, Chennai. He is also associated with the Chennai Centre for China Studies

    http://news.rediff.com/column/2010/may/10/war-or-peace-chinese-firms-pose-a-security-risk.htm
     
  15. nandu

    nandu Senior Member Senior Member

    Joined:
    Oct 5, 2009
    Messages:
    1,913
    Likes Received:
    162
    Location:
    Jamshedpur,INDIA
    Chinese envoy, ZTE team meet Home Secretary

    [​IMG]
    ZTE's India Unit Chairman D.K. Ghosh (C) along with company officials coming out after meeting Home Secretary G.K. Pillai in New Delhi on Thursday.

    India sought clarifications and additional information from leading Chinese telecom manufacturing firm ZTE on the issue of security clearance to their equipment.

    A team of ZTE officials, one of the Chinese telecom equipment manufacturers whose equipment had caused concerns of Indian security apparatus, on Thursday met Home Secretary G.K. Pillai.

    “Representatives of ZTE met the Union Home Secretary today and the issue relating to the security clearance for their products were discussed. The Union Home Secretary sought some clarifications and some additional information. The moment we receive the clarifications, we will process the matter,” a Home Ministry spokesperson said.

    “We had a meeting. Talks are going on. We have appealed to the government. We have put forward our thoughts. Let’s see.” D.K. Ghosh, ZTE India head, said after the meeting which lasted for about half an hour.

    “The talks were held in a positive environment,” he said when asked whether he was happy with the talks.

    ZTE and Huwaei Technologies are the two Chinese telecom companies whose equipment have evoked security concerns in India.

    Later in the day Chinese Ambassador to India Zhang Yan also met Mr. Pillai.

    Emerging from the nearly 45-minute meeting, Mr. Zhang told mediapersons that “we had a very good discussion. It was a positive meeting. I hope all relevant issues will be resolved.”

    Mr. Pillai had said three days ago that India’s norms for foreign telecom companies for doing business in the country were not loaded against China and every proposal is decided on case-by-case basis.

    BSNL’s tender for GSM worth Rs 36,000 crore allegedly did not get sanction from the Prime Minister’s Office six months ago following an alert from security agencies against the participation of Chinese companies, official sources said.

    The meeting between Mr. Zhang and Mr. Pillai also assumes significance in the backdrop of Environment Minister Jairam Ramesh’s comments in Bejing that Indian government was being “alarmist” and “paranoid” in its approach towards entry of Chinese companies in India.

    ZTE, a Chinese telecom equipment manufacturing company has a factory and research centre in Manesar, Gurgaon, which manufactures wide range of CDMA, GSM mobile sets and other telecom components. Huwaei has an R & D centre in Bangalore and are planning a manufacturing unit in India.

    http://beta.thehindu.com/business/companies/article429078.ece?homepage=true
     

Share This Page