China hacking into Indian defense Ministry

Sridhar

House keeper
Senior Member
Joined
Feb 16, 2009
Messages
3,474
Likes
1,061
Chinese agents hack into India's secret documents



STAFF WRITER 12:28 HRS IST
Betwa Sharma

New York, Apr 6 (PTI)
Major Indian missile and armament systems may have been compromised as Chinese hackers have reportedly broken into top secret files of the Indian Defence Ministry and embassies around the world.

Among the systems leaked out could be Shakti, the just introduced advanced artillery combat and control system of the Indian Army and the country's new mobile missile defence system called the Iron Dome.

A new report called 'Shadow in the Clouds' by Canadian and American researchers based at the University of Toronto has said that a spy operation called 'Shadow Network' based out of China has tapped into top secret files of the Indian government.

In the investigations conducted over eight months, the report claimed that systematic cyber espionage was carried out from servers located in China that "compromised" government, business, academic and other computer network systems in India.


http://www.ptinews.com/news/597303_Chinese-agents-hack-into-India-s-secret-documents
 

Sridhar

House keeper
Senior Member
Joined
Feb 16, 2009
Messages
3,474
Likes
1,061
Chinese hackers targets India, defence data compromised



Canadian, US researchers reveal India-focused spy ring based in China.




Major Indian missile and armament systems may have been compromised as Chinese hackers have reportedly broken into top secret files of the Indian Defence Ministry and embassies around the world. Among the systems leaked out could be Shakti, the just introduced advanced artillery combat and control system of the Indian Army and the country's new mobile missile defence system called the Iron Dome.
A new report called 'Shadow in the Clouds' by Canadian and American researchers based at the University of Toronto has said that a spy operation called 'Shadow Network' based out of China has tapped into top secret files of the Indian government.
In the investigations conducted over eight months, the report claimed that systematic cyber espionage was carried out from servers located in China that "compromised" government, business, academic and other computer network systems in India.


The report finds that Indian government related entities, both in India and throughout the world, had been thoroughly compromised.
These included computers at Indian embassies in Belgium, Serbia, Germany, Italy, Kuwait, the United States, Zimbabwe, and the High Commissions of India in Cyprus and the United Kingdom.
"These include documents from the Offices of the Dalai Lama and agencies of the Indian national security establishment," the report said.
"Data containing sensitive information on citizens of numerous third-party countries, as well as personal, financial, and business information, were also exfiltrated and recovered during the course of the investigation," it said.
"Recovery and analysis of exfiltrated data, including one document that appears to be encrypted diplomatic correspondence, two documents marked "SECRET", six as "RESTRICTED", and five as "CONFIDENTIAL". These documents are identified as belonging to the Indian government," it added.
These documents contain sensitive information taken from a member of the National Security Council Secretariat concerning secret assessments of India's security situation in the states of Assam, Manipur, Nagaland and Tripura, as well as concerning the Naxalites and Maoists.
In addition, they contain confidential information taken from Indian embassies regarding India's international relations with and assessments of activities in West Africa, Russia/Commonwealth of Independent States and the Middle East, as well as visa applications, passport office circulars and diplomatic correspondence.
However, the researchers note that there is no direct evidence that these were stolen from Indian government computers and they may have been compromised as a result of being copied onto personal computers.
Recovered documents also included presentations relating to the following projects: Pechora Missile System – an anti-aircraft surface-to-air missile system, Iron Dome Missile System - a mobile missile defence system (Ratzlav-Katz 2010) and Project Shakti - an artillery combat command and control system (Frontier India 2009).
The report also finds that the spies also hacked into information on visa applications submitted to Indian diplomatic missions in Afghanistan.
This data was voluntarily provided to the Indian missions by nationals of 13 countries as part of the regular visa application process.
"In a context like Afghanistan, this finding points to the complex nature of the information security challenge where risks to individuals (or operational security) can occur as a result of a data compromise on secure systems operated by trusted partners," the report said.
The investigation also said that 1,500 letters sent from the Dalai Lama's office between January and November 2009, were also leaked out.
The researchers noted that while there was no clear insight into the motives of the spies, "the theme appears to involve topics that would likely be of interest to the Indian and Tibetan communities".


http://www.indianexpress.com/news/chinesehackerstargetsindia-defencedatacompromised/600710/0
 

Sridhar

House keeper
Senior Member
Joined
Feb 16, 2009
Messages
3,474
Likes
1,061
Spying on Computer Spies Traces Data Theft to China

Fred Lum/The Globe and Mail
From left, Nart Villeneuve, Greg Walton and Ronald J. Deibert, researchers who monitored a China-based computer spying ring.

By JOHN MARKOFF and DAVID BARBOZA

Published: April 5, 2010





TORONTO — Turning the tables on a China-based computer espionage gang, Canadian and United States computer security researchers have monitored a spying operation for the past eight months, observing while the intruders pilfered classified and restricted documents from the highest levels of the Indian Defense Ministry.


In a report issued Monday night, the researchers, based at the Munk School of Global Affairs at the University of Toronto, provide a detailed account of how a spy operation it called the Shadow Network systematically hacked into personal computers in government offices on several continents.
The Toronto spy hunters not only learned what kinds of material had been stolen, but were able to see some of the documents, including classified assessments about security in several Indian states, and confidential embassy documents about India’s relationships in West Africa, Russia and the Middle East. The intruders breached the systems of independent analysts, taking reports on several Indian missile systems. They also obtained a year’s worth of the Dalai Lama’s personal e-mail messages.
The intruders even stole documents related to the travel of NATO forces in Afghanistan, illustrating that even though the Indian government was the primary target of the attacks, one chink in computer security can leave many nations exposed.
“It’s not only that you’re only secure as the weakest link in your network,” said Rafal Rohozinski, a member of the Toronto team. “But in an interconnected world, you’re only as secure as the weakest link in the global chain of information.”
As recently as early March, the Indian communications minister, Sachin Pilot, told reporters that government networks had been attacked by China, but that “not one attempt has been successful.” But on March 24, the Toronto researchers said, they contacted intelligence officials in India and told them of the spy ring they had been tracking. They requested and were given instructions on how to dispose of the classified and restricted documents.
On Monday, Sitanshu Kar, a spokesman for the Indian Defense Ministry, said officials were “looking into” the report, but had no official statement.
The attacks look like the work of a criminal gang based in Sichuan Province, but as with all cyberattacks, it is easy to mask the true origin, the researchers said. Given the sophistication of the intruders and the targets of the operation, the researchers said, it is possible that the Chinese government approved of the spying.
When asked about the new report on Monday, a propaganda official in Sichuan’s capital, Chengdu, said “it’s ridiculous” to suggest that the Chinese government might have played a role. “The Chinese government considers hacking a cancer to the whole society,” said the official, Ye Lao. Tensions have risen between China and the United States this year after a statement by Google in January that it and dozens of other companies had been the victims of computer intrusions coming from China.
The spy operation appears to be different from the Internet intruders identified by Google and from a surveillance ring known as Ghostnet, also believed to be operating from China, which the Canadian researchers identified in March of last year. Ghostnet used computer servers based largely on the island of Hainan to steal documents from the Dalai Lama, the exiled Tibetan spiritual leader, and governments and corporations in more than 103 countries.
The Ghostnet investigation led the researchers to this second Internet spy operation, which is the subject of their new report, titled “Shadows in the Cloud: An investigation Into Cyberespionage 2.0.” The new report shows that the India-focused spy ring made extensive use of Internet services like Twitter, Google Groups, Blogspot, blog.com, Baidu Blogs and Yahoo! Mail to automate the control of computers once they had been infected.
The Canadian researchers cooperated in their investigation with a volunteer group of security experts in the United States at the Shadowserver Foundation, which focuses on Internet criminal activity.
“This would definitely rank in the sophisticated range,” said Steven Adair, a security researcher with the group. “While we don’t know exactly who’s behind it, we know they selected their targets with great care.”
By gaining access to the control servers used by the second cyber gang, the researchers observed the theft of a wide range of material, including classified documents from the Indian government and reports taken from Indian military analysts and corporations, as well as documents from agencies of the United Nations and other governments.
“We snuck around behind the backs of the attackers and picked their pockets,” said Ronald J. Deibert, a political scientist who is director of the Citizen Lab, a cybersecurity research group at the Munk School. “I’ve not seen anything remotely close to the depth and the sensitivity of the documents that we’ve recovered.”
The researchers said the second spy ring was more sophisticated and difficult to detect than the Ghostnet operation.
By examining a series of e-mail addresses, the investigators traced the attacks to hackers who appeared to be based in Chengdu, which is home to a large population from neighboring Tibet. Researchers believe that one hacker used the code name “lost33” and that he may have been affiliated with the city’s prestigious University of Electronic Science and Technology. The university publishes books on computer hacking and offers courses in “network attack and defense technology” and “information conflict technology,” according to its Web site.



The People’s Liberation Army also operates a technical reconnaissance bureau in the city, and helps finance the university’s research on computer network defense. A university spokesman could not be reached Monday because of a national holiday.



The investigators linked the account of another hacker to a Chengdu resident whose name appeared to be Mr. Li. Reached by telephone on Monday, Mr. Li denied taking part in computer hacking. Mr. Li, who declined to give his full name, said he must have been confused with someone else. He said he knew little about hacking. “That is not me,” he said. “I’m a wine seller.”
The Canadian researchers stressed that while the new spy ring focused primarily on India, there were clear international ramifications. Mr. Rohozinski noted that civilians working for NATO and the reconstruction mission in Afghanistan usually traveled through India and that Indian government computers that issued visas had been compromised in both Kandahar and Kabul in Afghanistan.
“That is an operations security issue for both NATO and the International Security Assistance Force,” said Mr. Rohozinski, who is also chief executive of the SecDev Group, a Canadian computer security consulting and research firm.
The report notes that documents the researchers recovered were found with “Secret,” “Restricted” and “Confidential” notices. “These documents,” the report says, “contain sensitive information taken from a member of the National Security Council Secretariat concerning secret assessments of India’s security situation in the states of Assam, Manipur, Nagaland and Tripura, as well as concerning the Naxalites and Maoists,” two opposition groups.
Other documents included personal information about a member of the Indian Directorate General of Military Intelligence.
The researchers also found evidence that Indian Embassy computers in Kabul, Moscow and Dubai, United Arab Emirates, and at the High Commission of India in Abuja, Nigeria had been compromised.
Also compromised were computers used by the Indian Military Engineer Services in Bengdubi, Calcutta, Bangalore and Jalandhar; the 21 Mountain Artillery Brigade in Assam and three air force bases. Computers at two Indian military colleges were also taken over by the spy ring.
Even after eight months of watching the spy ring, the Toronto researchers said they could not determine exactly who was using the Chengdu computers to infiltrate the Indian government.
“But an important question to be entertained is whether the P.R.C. will take action to shut the Shadow Network down,” the report says, referring to the People’s Republic of China. “Doing so will help to address longstanding concerns that malware ecosystems are actively cultivated, or at the very least tolerated, by governments like the P.R.C. who stand to benefit from their exploits though the black and gray markets for information and data.”



http://www.nytimes.com/2010/04/06/science/06cyber.html?pagewanted=2
 

Oracle

New Member
Joined
Mar 31, 2010
Messages
8,120
Likes
1,566
/\/\/\ This is what happens when GoI develops their systems floating local tenders and not international ones. Corruption is eating out everything. And the Chinese are merry making.

But, I seriously do not think machines pertaining classified defense manuals and OR secrets would be connected to the internet. We had a major kick during the BARC hacking incident, right?
 

Rage

DFI TEAM
Senior Member
Joined
Feb 23, 2009
Messages
5,419
Likes
1,001
Hold on a second. This seems to be a more specific assessment of what did go wrong in the aftermath of the fact.


China hackers ‘stole’ missile info, Naxal data

07/04/2010


New Delhi: A year after Indian embassies across the world were compromised by a China-based cyber espionage network, investigators have uncovered the extent of the spy ring, revealing that computers in the National Security Council Secretariat (NSCS) were infected, giving the hackers access to confidential documents on the security assessment of Northeastern states and Naxalite movement, besides information on missile defence systems and military equipment.

More than 35 sensitive computers belonging to the NSCS, Indian Air Force, the Army's Military Intelligence and Indian missions in Kabul and Moscow were accessed by the spy ring for long periods of time after they got infected by 'GhostNet', a Chinese cyber network that first came to light last year when investigators were looking into loopholes in the Dalai Lama's computer systems in Dharamsala.

While during the limited period of the investigation no secret documents were accessed, the extent of damage is still not known, considering that the Chinese spy network could have been operational for several years.

The latest revelations come from a second report on GhostNet by researchers based at the Munk Center for International Studies in the University of Toronto, titled 'Shadows in the Cloud: Investigation Cyber Espionage 2.0'. The Indian Defence Ministry has not yet reacted to the report, with officials saying they are still studying its implications. However, it has come to light that the report was shared with the National Technical Research Organisation (NTRO) -- India's premier electronic surveillance agency -- in February by the investigating team.

While sensitive matter on the defence forces was not leaked -- information compromised on the Pechora and Iron Dome missile defence systems and the Shakti artillery control and command system is already in the public domain -- the main cause of worry for India is that the hackers got access to computers in the NSCS, the apex body through which all intelligence reports and strategic analysis are processed.

The report says that at least 14 documents, including two marked secret, were stolen from NSCS computers. "The exfiltrated documents focus on India's security situation in the states of Assam, Manipur, Nagaland and Tripura as well as the Naxalites, Maoists, and what is referred to as 'left wing extremism'," the report says.

Computers linked with the 21 Mountain Artillery Brigade in the state of Assam; the Air Force Station, Race Course, New Delhi; and the Air Force Station, Vadodara, Gujarat; were also compromised.

Besides, computers at Indian missions in Kabul, Moscow, Dubai and Nigeria were accessed by the GhostNet, resulting in leakage of documents on diplomatic relations with other countries, confidential visa documents and financial and travel information of senior embassy staff. Computers of nine key Indian embassies across the world, including offices in the US, UK and Germany, besides India's premier National Informatics Centre (NIC), which governs and hosts all government websites, were infected last year.


The team has linked the attack to individuals based in Chengdu, Sichuan. All attacks on Indian computers originated from the town. While there is no conclusive proof to link the hacking to the official government machinery in China, investigators are certain that the origin of the network lies within the country.

"It is certainly possible that the attackers were directed in some manner -- either by sub-contract or privateering -- by agents of the Chinese state, but we have no evidence to prove that assertion," the report says.

In a reaction from Beijing, the Chinese Foreign Ministry said the allegations were baseless and that China was opposed to hacking and considered it an international crime.

"During our investigation, we recovered documents that are extremely sensitive from a national security perspective as well as documents that contain sensitive information that could be exploited by an adversary for intelligence purposes. We recovered one document that appears to be an encrypted diplomatic correspondence, two documents classified as 'secret', six as 'restricted', and five as 'confidential'," the report says.

The documents also contained confidential information regarding India's international relations and assessment of activities in West Africa, Russia and the Commonwealth of Independent States and the Middle East. While computers of the Military Engineer Services (MES) were also infected, non-sensitive information like manuals and forms, besides personal details of individuals, was leaked.

In March last year, the mysterious GhostNet had first come to light when the Canadian team, which includes an Indian researcher Shishir Nagaraja, hit on the espionage ring while investigating cyber security loopholes in the Dalai Lama's office in Dharamsala. The investigation had pointed to several hackers in China's Hainan province, where the Lingshui Signals Intelligence facility is located.

Indian Express


http://news.in.msn.com/internalsecurity/news/article.aspx?cp-documentid=3771253
 

Rage

DFI TEAM
Senior Member
Joined
Feb 23, 2009
Messages
5,419
Likes
1,001
More importantly, what is India's response to this going to be?

I do know there is an anti-cyber warfare cell, with limited protraction capabilities.

We need express provisions for issues like Denial of Service, Distributed Denial of Service, trojans, bots, SQL injections, etc. Cyber warfare has the capability to be deadly serious in terms of chaos and confusion during wartime - from power grids to water supplies to military strategies and banking institutions. If we don't act fast, we'll be a sitting f^cking duck.

I read in 2008 that the Indian armed forces and establishment were trying to augment their C4ISR capabilities, with the option of launching a counter-offensive if the need arises. I don't know how much progress they've made on that front; from the looks of it, very little.
 

Sridhar

House keeper
Senior Member
Joined
Feb 16, 2009
Messages
3,474
Likes
1,061
Two Indian Defence Magazines, Think Tanks Hacked By Chinese!


Two Indian defence magazines FORCE and India Strategic were hit by Chinese hackers recently, a joint report by the Munk University Information Warfare Monitor and Shadowserver foundation has found. The report, published today, notes, "We assess that computers at the India Strategic defence magazine and FORCE magazine were compromised based on the documents exfiltrated by the attackers. During the period in which we monitored the attackers, 58 documents were exfiltrated. While these documents include publicly accessible articles and previous drafts of those articles, there is also private information regarding the contact details of subscribers and conference participants. The documents also include interviews, documents, and PowerPoint presentations from conferences that detail national security topics, such as network data and monitoring for national security, and responses to combat cyber threats."

The report continues: "During our investigations we found that a variety of academic targets had been compromised, including those at the Institute for Defence Studies and Analyses (IDSA) as well as journalists at India Strategic defence magazine and FORCE magazine. The exfiltrated papers included those discussing the containment of the PRC, Chinese military exports, and Chinese foreign policy on Taiwan and Sino-Indian relations. More specifically, there were documents that focused on ethnicity, religion and politics in Central Asia, and the links between armed groups and the PRC. Although the academic papers exfiltrated by the attackers are publicly available, the content of the material indicates that the attackers managed to compromise those with a keen interest in the PRC."

This is of course just the tip. The report reveals that several agencies and units, including the IAF station in Vadodara, the 21 Mountain Brigade and the Military Engineer Service had information stolen by Chinese hackers.

http://livefist.blogspot.com/2010/04/two-indian-defence-magazines-think.html
 

Sridhar

House keeper
Senior Member
Joined
Feb 16, 2009
Messages
3,474
Likes
1,061
India was aware of hacking threat

Indrani Bagchi, TNN, Apr 7, 2010, 03.21am IST
NEW DELHI: Last week, Indian cyber security officials were in Toronto to meet the researchers from Munk School of Global Affairs whose year-long project, 'Shadows in the Cloud', tracked cyber espionage attempts against computers and servers in some 31 countries, but overwhelmingly in India, including the national security and defence establishments. Other "entities of interest", according to the report, included The Times of India.

Over the past few months, after the first reports of a China-based network of cyber spies emerged, Indian officials in key departments have been on a silent overdrive to stop the attacks and monitor servers.

To this extent, sources told TOI they had even placed "ploys" on different servers that were being targeted, as bait to entice cyber warriors to track them to their source.

Sachin Pilot, minister of state for IT and telecommunications, said, "We need to be extra vigilant about cyber terrorism, because this can inflict attacks of an asymmetric nature, and is therefore that much more dangerous." Pilot has been tracking cyber espionage and has even been in touch with the Canadian researchers. He observed that government systems had not been compromised.

Cert-IN, the official emergency response unit of the government, has suggested counter-measures to guard against such espionage. Pilot said new products were getting introduced regularly and software not tested properly contained zero-day vulnerabilities.

In fact, Indian agencies have been on alert for some time now, and their preventive actions have been reasonably successful. The national security establishment, defence and intelligence agencies follow a complex, multi-layered system to avoid access to their information. Officials said the really classified stuff was not on open networks at all.

However, other parts of the government, for instance, the finance ministry, have been compromised according to sources familiar with developments, because their security may be that much more lax.

A quiet effort is underway to set up defensive mechanisms, but cyber warfare is yet to become a big component of India's security doctrine. Dedicated teams of officials, all underpaid of course, are involved in a daily deflection of attacks. But the real gap in the Indian system is that a retaliatory offensive system has not yet been created to counter them. And it's not difficult, said sources. Chinese networks are very porous, and India is an acknowledged IT giant.

During M K Narayanan's tenure as national security advisor, the NSC had developed a comprehensive cyber security policy, but this was never implemented.

http://timesofindia.indiatimes.com/india/India-was-aware-of-hacking-threat-/articleshow/5767977.cms
 

nandu

Senior Member
Joined
Oct 5, 2009
Messages
1,913
Likes
163
China denies hacking Indian Defence Ministry computers

NEW DELHI - China has denied that Chengdu-based hackers stole information from the Indian Defence Ministry.

A group of researchers at the Munk Centre for International Studies at the University of Toronto claimed that a cyber-espionage group based in southwest China stole documents from the Indian Defence Ministry and emails from the Dalai Lama's office.

The hackers allegedly stole classified reports about security in several Indian states, and about several Indian missile systems.

"China firmly opposes any kind of cyber crime, including cyber attacks. The cyber attack is an international issue requiring the cooperation and joint efforts of the international community," Foreign Ministry spokesperson Jiang Yu told reporters.
"I don't know what evidence these people have, or what their motives are," the China Daily quoted Jiang as saying, referring to the researchers.

The spokesperson added that China could investigate if these allegations were provided with evidence.

"Our policy is very clear. We resolutely oppose all Internet crime, including hacking," she said.

The "cyberspies" used popular online services, including Twitter, Google groups and Yahoo mail, to access infected computers, ultimately directing them to communicate with command and control servers in China, said the report released by the Munk Centre, entitled Shadows in the Cloud.

Stolen documents recovered by the researchers contained sensitive information taken from India's National Security Council Secretariat, the group of researchers said.

"We have heard about the hacking report and the concerned department is looking into the case," said Sitanshu Kar, Indian Defence Ministry's spokesman.

http://blog.taragana.com/index.php/archive/china-denies-hacking-indian-defence-ministry-computers/
 

Energon

DFI stars
Ambassador
Joined
Jun 3, 2009
Messages
1,199
Likes
767
Wow.......This is indeed shocking that Indian Defense Ministry is so porous.
The article also says that various Indian Embassies are all compromised. If this is true, then so much for Indian IT prowess.

http://www.nytimes.com/2010/04/06/science/06cyber.html?hp
Actually I really don't think this is shocking by any means. This incident is merely just another reminder showing how woefully inadequate and ill prepared the Indian establishment really is when it comes to facing tangible threats.

Now you bring up a very poignant issue about the prowess. The Indian IT prowess (if any at all) is mostly limited to the private sector which caters to foreign businesses, foreign governments and the creature comforts of foreign societies. What's really interesting to note is the absolute divide here...despite the advances of business to business or business to consumer IT solutions which enhance convenience to me or you as a consumer in this part of the world, absolutely none of this is available or even imaginable in India itself.

Just speak with anyone who has done business with the Indian government in the sectors of new technologies and they'll tell you how pathetic the working conditions are. This inability to conduct business (or anything meaningful for that matter) has left the Indian establishment to be an archaic, diseased, incompetent, malignant and pathetic organization that is responsible for the abysmal standard of living in India today. It is neither equipped nor competent enough to face the challenges of the new millennium, let alone those of the past century. With critical structural deficiencies intact and unaddressed... humiliating, damaging and dangerous incidences such as these should be expected.
 

Rage

DFI TEAM
Senior Member
Joined
Feb 23, 2009
Messages
5,419
Likes
1,001
This is a very telling article on the state of anti-cyber warfare and networks in India:

----

Spies reach deep into India's defence

GRANT ROBERTSON

From Tuesday's Globe and Mail Published on Tuesday, Apr. 06, 2010 5:16AM EDT Last updated on Tuesday, Apr. 06, 2010 11:51AM EDT


When Greg Walton began sifting through the files recovered from one of the biggest Internet spy rings ever cracked, the evidence didn't immediately strike him as a high-stakes espionage case.

The first stolen file Canadian researchers unearthed seemed innocuous. It was an e-mail sent from people in the tiny village of Pooha in India to the Dalai Lama. The small Himalayan enclave was sending 34 boxes of “our finest apples” to the Tibetan leader to wish him a long and healthy life.

“Nothing Earth shattering,” Mr. Walton said.

But soon, Mr. Walton and his colleagues found far more dangerous e-mails in the recovered files that were linked to servers in China.

The spy ring linked to China had Indian national security files, including details of the Pechora missile system, an anti-aircraft, surface-to-air weapons project. Other documents contained data related to the Iron Dome missile system, and Project Shakti, an artillery combat system.

Documents related to military training schools were also found, along with information on troops. Computers at Indian corporations, including YKK India and Tata, had also been compromised.

Mr. Walton, an expert on the region who conducted the field research in India for the investigation, was amazed.

“I thought, wow, that's like the whole Indian defence establishment,” he said yesterday as the researchers prepared to issue their report on the online espionage, titled Shadows in the Cloud: An Investigation Into Cyber Espionage 2.0. The report is a collaboration involving Ottawa-based consultancy SecDev and the Munk School of Global Affairs at the University of Toronto.

The report stops short of blaming the Chinese government, mainly because the researchers just aren't sure. China has shrugged off allegations of cyber spying in the past, including Google's revelation in January that it was attacked late last year.

Often, the government blames so-called “patriotic hackers,” groups of people in China loyal to the state who launch rogue attacks.

“We cannot establish links to the People's Republic of China government,” Mr. Walton said. “But at the same time, there is a growing body of evidence that there's some kind of relationship between the state's specific agencies and the computer underground – the hacking scene – in China.”

The official position of China is that the state does not support such measures.

However, Mr. Walton said the government does not discourage the activity. China “has a vibrant hacker community that has been tied to targeted attacks in the past, and has been linked through informal channels to elements of the Chinese state,” says the report, which will be made public today.

Even if the government isn't behind the attacks, “information that is independently obtained by the Chinese hacker community is likely to find its way to elements within the Chinese state,” the report says.

Cyber spying is not limited to China. It is plausible that most major powers in the world are engaging in some form of online espionage, the researchers believe.

“If we looked in another part of the world with a different set of victims, we'd probably find entirely different cyber espionage networks,” said Ron Deibert, director of the Citizen Lab at the Munk School of Global Affairs. He calls it a new form of arms race, one that is cheaper than the other methods of espionage, such as satellite networks that cost billions.

For now, the Indian government is not reacting to the report's findings. Mr. Deibert met with government officials late last week to inform them of the forthcoming report. They thanked him for the meeting and seemed “taken aback,” Mr. Deibert said.

In the past, government officials in India have dismissed suggestions that online spies from China have infiltrated the country, and the government has been reluctant to discuss the matter publicly.



http://www.theglobeandmail.com/news/national/spies-reach-deep-into-indias-defence/article1524425/
 

nrj

Ambassador
Joined
Nov 16, 2009
Messages
9,658
Likes
3,911
If we consider the INTERNET & capabilities of intruder's brain then nothing is "Secured"!

If a Black Hat hacker decides to steal the data, & programs the specifics for the same then it's beyond limits of prevention.

Moreover, it's not when the host/anyone realizes that it is being hacked; most of the times this process is silent & host could not even recognize it (yeah, that's the first design principle any intruder incorporates!) .......

Major countries have learned a lot after the Pentagon's F35 (?) data was stolen by Chinese (?? or some hairy fat hacker out on fling), the defense data files / National policies / Research projects are never stored on an active interactive network. This news is nothing more than a fancy read....

These so called Chinese hackers (?) or any entity is feeling so Pro & proud of itself these days that, I fear they've fallen for a precise phishing trap... >>>>>>
 

RAM

The southern Man
Senior Member
Joined
Jul 15, 2009
Messages
2,288
Likes
445
cyber power


China’s cyber capability came into sharp focus recently when a report, issued coincidentally at the start of S M Krishna’s maiden visit to China, publicised that Chinese hackers had accessed and ‘stolen’ voluminous classified information from computers in sensitive government offices in India. The report, entitled ‘Shadows in the Cloud’ issued on April 6 by the Munk School of Global Affairs of the University of Toronto jointly with other organisations, stated that a number of computers in Indian establishments had been compromised. Launched specifically to investigate the extent of penetration by Chinese hackers of computers in the Dalai Lama’s offices, researchers detected that computers in 10 Indian embassies including Afghanistan, Russia, UAE, and USA, as well as in the Indian High Commissions in Nigeria and the UK had been compromised. Sensitive establishments targeted included the National Security Council Secretariat, a couple of MES establishments, the 21 Mountain Artillery Brigade, two air force stations, the Army Institute of Technology, Pune and the Military College of Electronics and Mechanical Engineering in Secunderabad. Computers of defence-related think tanks, like the IDSA and of academics and journalists working on defence issues were also compromised.


The Munk Centre and two researchers from the University of Illinois and Cambridge respectively, had in March 2009 issued similarly disturbing reports highlighting China’s cyber espionage attempts. It revealed that 1,295 computers in 103 countries were affected; 30 per cent of the affected computers as high value targets with many belonging to foreign governments and the Dalai Lama’s offices in India, Brussels, New York and London. A NATO computer, one in the Indian embassy in Washington and computers in nine other Indian embassies in UK, US, Germany, Serbia, Cyprus, Belgium, Italy, Kuwait and Zimbabwe were identified. The infected node stretched in an arc from India, Bhutan, Bangladesh, Vietnam, Laos, Brunei, Philippines, Hong Kong and Taiwan.

All the reports identify China as the source of the cyber attacks. The latest report identifies at least one hacker as based in Chengdu, capital of China’s Sichuan province and as associated with officially-tolerated hacker organisations like NSFocus and Eviloctal. Both these have links to the People’s Liberation Army (PLA). Another hacker was linked to the University of Science and Technology in Chengdu.

All these reports reveal that India has been subjected to sustained cyber attacks. While unlike in the US there is no official quantification of cyber attacks in India, estimates are that these were quite high last year. It is evident that computers of specific officials in sensitive establishments have been targeted, suggesting that a large number of computers were surveilled before a target was determined.

The reports are particularly disturbing since China views cyberspace as the battleground of the future. The military dimension to China’s interest in cyber technology was enunciated in a quasi-official book published in 1999, by two PLA senior colonels and entitled Unrestricted Warfare. Cyber warfare is suited to asymmetric warfare as it affords stealth, speed and deniability. Today, especially in advanced nations, Internet is a critical part of the operating infrastructure of public utilities like water works and electricity grids, transportation networks, financial institutions, health services, etc. The effort to merge Internet and mobile telephone networks will increase this vulnerability. After China’s President Hu Jintao in 2007 stressed the importance of cyber capability or ‘informationisation’ of the armed forces this became an area of intensive research and capital investment.

China formulated its cyber strategy in the early 1990s. The objective was to secure and control assured supplies of scarce essential resources, acquire dominance in the manufacture of hardware, gain the lead in cyber and wireless technology, and achieve indigenous capability and sophistication in software design. China developed an overarching policy encompassing civil and military applications. It declared rare earth metals a secret national priority in the mid-1980s. These metals are irreplaceable and used in hundreds of technologies ranging from mobile phones, BlackBerrys to low-light energy bulbs, missile guidance systems, superconductors and computer hard drives. In 1997, Deng Xiaoping observed that ‘China would be for rare earth metals what the Middle East is to oil’ and within 20 years China acquired virtually monopolistic control over the supply of rare earth metals. China’s ministry of industry and information technology demonstrated this when it recently proposed a total ban on the export of certain rare earth metals and recommended limiting the export of others to 35,000 metric tonnes a year. Japan, which alone needs over 38,000 metric tonnes, has accused China of treating rare earth metal exports as a ‘21st century economic weapon’.

China’s experimentation with cyber espionage and attacks coincided with the advances made in its cyber strategy. Official US estimates in 2008 noted that Chinese hackers mainly targeted US defence computers and systems and downloaded 10-20 terabytes of data. Chinese hackers are assessed as downloading intellectual properties estimated at $40-50 billion each year from the US.

China’s hostile cyber activity has attracted international attention because of the dominant military component in its cyber capability. Hundreds of Chinese nationals are being trained in cyber-warfare, many in academies run by the PLA, like the ‘informationisation’ military courses offered in Wuhan University. The PLA has, since 2002, steadily augmented its cyber-capable Information Warfare (IW) militia units. The distinction between civilian and military cyber applications has been deliberately blurred, as many militia units comprise personnel from the commercial sector and academia. This has widespread implications as a number of China’s Internet and wireless technology companies, like Huawei and ZTE, are going global. International concern has predictably generated debate on the appropriate response to cyber attacks. The US and Western nations favour a military response including precision missile strikes.

India too will have serious concerns. Estimates are that China’s cyber force has at least 50,000 hackers targeting India and the Dalai Lama’s establishment and they are based in the Xinjiang-Uyghur Autonomous Region. With India and its armed forces getting increasingly ‘wired’ enhancing cyber security must be a priority. This has to be combined with the capability to trace and disable the source of cyber attacks.

http://expressbuzz.com/opinion/op-ed/china’s-cyber-power/164508.html
 

nandu

Senior Member
Joined
Oct 5, 2009
Messages
1,913
Likes
163
Antony asks military to prepare against cyber attacks

NEW DELHI: In the wake of reports of Chinese hackers stealing vital data from Indian defence and diplomatic computer networks, defence minister A K Antony on Friday asked the armed forces to coordinate closely with other cyber security agencies to prepare a crisis management action plan against cyber terrorism.

The minister noted that cyber-space had emerged as an important medium for information sharing, but at the same time the existing technology was susceptible to misuse by anti-social and anti-national elements.

"Of late, extraordinary and unprecedented cyber crimes have taken place across the globe, exposing gap holes in cyber security systems," Antony told the armed forces Unified Commanders' Conference here.

"Although defence services at all levels have taken steps to counter cyber threat through stringent implementation of cyber security policy, there is still a requirement to ensure that all loopholes are suitably plugged. A few recent cases are reminders of our own vulnerabilities," he said.

Close interaction with national agencies like computer and emergency response team (CERT), NTRO, home and IT ministries to prepare a crisis management action plan for countering cyber attacks and cyber terrorism is essential, he said inaugurating the conference.

Minister of state for defence M M Pallam Raju, Chiefs of Staff Committee Chairman and IAF Chief Air Chief Marshal P V Naik, Navy Chief Admiral Nirmal Verma, Army Chief General V K Singh, defence secretary Pradeep Kumar and Chief of Integrated Staff Committee Air Marshal S C Mukul were also present on the occasion.

Expressing happiness over the progress made to improve jointness among armed forces in various spheres, Antony said increasing involvement of Integrated defence service headquarters in defence issues, the functioning of Andaman and Nicobar Command and the progress of strategic forces command were a few examples of the success of the inter-operability concept.

He said the future of optimal military power lay in joint operations.

"Towards this end, the first-ever long term integrated perspective plan for 2012-27 is nearing completion under the aegis of IDS headquarters. Once finalised, it would be yet another milestone in our progress towards jointness," he said.

Referring to the use of large-scale energy resources in the armed forces and availability of alternative sources of energy, Antony called upon the top brass to bring about strict energy conservation discipline.

Regarding the armed forces modernisation, Antony assured the commanders that there would never be a paucity of funds.

However, he asked them to control the revenue expenditure by adopting various mechanisms such as increased use of technology, integration of the three Services, adopting joint training and procedures, and uniform inventories.

The defence minister said there also existed considerable scope for improving the quality and efficacy of defence expenditure through increased private sector engagement, import substitution and indigenisation, improvement in procedures and practices and better project management within the parameters of the government's policies.

http://timesofindia.indiatimes.com/...against-cyber-attacks/articleshow/5821745.cms
 

AkhandBharat

Regular Member
Joined
Aug 7, 2009
Messages
542
Likes
79
Made in China: Cyber-spying system, with focus on India

NEW DELHI: Reports of a China-based cyber spy network targeting the Indian military and the consequent alert sounded by Army authorities may be only the tip of the iceberg -- investigations have revealed a fully dedicated India-specific espionage system aimed at business, diplomatic, strategic and academic interests.

The detailed research and investigations carried out by Canada-based authors of the report 'Shadows in the Cloud' and experts from India's NTRO have pointed to a command and control system that used free web-hosting services and social networking sites like Twitter, Baidu blogs and Google. These accounts were manipulated by a "core" of servers based in Chengdu in China.

The report, released in early April, received fairly wide publicity but its fuller implications are only now beginning to sink in. The largely India-centric cyber warfare system is described as "son of ghost net", an allusion to a Chinese effort to infiltrate the Tibetan exile community. The current investigations also began in Dharamshala but revealed a larger intent linked to an underground hacking community in Chengdu.

An email used in ghostnet turned up in the Shadows probe as well and is identified as losttemp33@hotmail and was associated with Xfocus and Isbase, two popular Chinese hacking forums and possibly was a student of master hackers Glacier and Sunwear. The individual is believed to have studied at University of Electronic Science and Technology at Chengdu in Sichuan.

The Canadian team used a domain name system (DNS) sinkhole to turn IP addresses into domain names by grabbing suspect servers abandoned after ghostnet investigations. The list of compromised Indian computers is disturbing: machines at Indian missions at Kabul, Moscow, Dubai, Abuja, US, Serbia, Belgium, Germany, Cyprus, UK and Zimbabwe were infected.

A machine at the National Security Council Secretariat was tapped as were computers at military engineering services at Kolkata, Bangalore and Jalandhar. Computers linked to the 21 Mountain Artillery Brigade, the Air Force Station at Race Course Road opposite the PM's residence, the Army Institute of Technology at Pune and Military College of Electronics and Mechanical Engineering at Secunderabad were also compromised.

Thinktanks such as the Institute for Defence Studies and Analyses and publications like India Strategic and FORCE were also targeted as were corporations like DLF Limited, Tata and YKK India. Computers at the National Maritime Foundation and Gujarat Chemical Port Terminal Company were also hit.

On-ground investigations at Dharamshala, where the Tibetan exile community is headquartered, showed that computers were beaconing with server 'jdusnemsaz' in Chongqing in China. Interestingly, while Chengdu has a military research bureau, Chongqing is host to several triads -- criminal networks with connections to the Chinese government and Communist Party.

In a lucky break, the Canadian team was able to recover data being removed by attackers and discovered a list of compromised computers. Registering and monitoring four of the domain names revealed by the earlier ghostnet probe, they reached those used in the shadows network like www.assam2008.net, aaa.msnxy.net, sysroots.net, www.lookbyturns.com and www.macfeeresponse.org.



The investigations showed that the infected email or social networking accounts were infiltrated with malware which then allowed the compromised computer to receive more sophisticated software through attachments. All through, there was a core of master servers based in China that kept a close check on infiltration of computers and transfer of all sorts of documents from personal details to missile analysis to safe drop zones.
TimesofIndia News Link

It's about time India should setup a cyber warfare division as a part of the armed forces. Not only that, India should invest in robust secure hardware communication equipment for the army, revamp the army intelligence logistics and put most of intelligence documents on the intranet rather than the internet. Also invest in a program to render enemy spy satellite useless by a massive DDOS attack, since there is no known solution to a DDOS.
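
An added example, not part of the quoted article or of this post: the sinkhole monitoring described in the article, seen from the defender's side, as a scan of a resolver's query log for the domain names the article lists that flags clients looking them up at regular intervals. The log format, the client addresses and the thresholds are assumptions made for the example.

```python
"""Flag clients in a DNS query log that contact, or beacon to, listed domains."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Domain names as listed in the quoted article (its "aaa.msnxy,net" is read
# here as aaa.msnxy.net).
WATCHLIST = (
    "www.assam2008.net", "aaa.msnxy.net", "sysroots.net",
    "www.lookbyturns.com", "www.macfeeresponse.org",
)

# Constructed sample log. Assumed format: ISO-timestamp client-IP query-name type
SAMPLE_LOG = """\
2010-04-06T09:00:00 10.0.0.5 WWW.Assam2008.net. A
2010-04-06T09:10:01 10.0.0.5 www.assam2008.net A
2010-04-06T09:20:00 10.0.0.5 www.assam2008.net A
2010-04-06T09:29:59 10.0.0.5 www.assam2008.net A
2010-04-06T09:03:10 10.0.0.7 cdn.sysroots.net A
2010-04-06T11:47:00 10.0.0.7 cdn.sysroots.net A
2010-04-06T09:05:00 10.0.0.9 notsysroots.net A
2010-04-06T09:06:00 10.0.0.9 sysroots.net.example.com A
malformed line
"""


def match_watchlist(qname, watchlist=WATCHLIST):
    """Return the watchlist entry that qname equals or is a subdomain of."""
    name = qname.lower().rstrip(".")  # DNS names are case-insensitive
    for entry in watchlist:
        # The "." boundary keeps look-alikes such as notsysroots.net out.
        if name == entry or name.endswith("." + entry):
            return entry
    return None


def find_contacts(log_text, min_hits=4, max_jitter=0.2):
    """Return {(client, domain): {"hits", "beaconing", "interval_s"}}.

    A pair counts as beaconing when it has at least min_hits lookups and the
    gaps between them vary by no more than max_jitter (std dev / mean).
    """
    seen = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        try:
            stamp = datetime.fromisoformat(fields[0])
        except ValueError:
            continue
        entry = match_watchlist(fields[2])
        if entry:
            seen[(fields[1], entry)].append(stamp)

    report = {}
    for key, stamps in seen.items():
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps) if gaps else 0.0
        regular = (len(stamps) >= min_hits and avg > 0
                   and pstdev(gaps) / avg <= max_jitter)
        report[key] = {"hits": len(stamps), "beaconing": regular,
                       "interval_s": round(avg) if regular else None}
    return report


if __name__ == "__main__":
    for (client, domain), info in sorted(find_contacts(SAMPLE_LOG).items()):
        print(client, domain, info)
```

A single lookup of a listed name is still worth a look at the client; the regular-interval test only separates automated check-ins from one-off visits.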
 

nandu

Senior Member
Joined
Oct 5, 2009
Messages
1,913
Likes
163
Antony warns of cyber warfare threat

Defence Minister A. K. Antony on Monday asked the armed forces' top brass to work in unison and make cyber systems "as secure and as non-porous as possible".

"Cyber warfare is becoming a serious threat to security. The paradigm of security in the age of information technology are seldom constant. The evolving security matrix is complex and calls for cooperation and coordination of the highest level," Mr. Antony said inaugurating the biannual Army Commanders' Conference here.

"Today, no single service can work in isolation. Cyber warfare and threats to cyber security are fast becoming the next generation of threats. We need to make our cyber systems as secure and as non-porous as possible," he said.

Making a strong plea for synergy among the three forces, the Defence Minister said the future security matrix called for a high degree of cooperation and inter-dependence among the services.

He said the primary area of focus should be to develop a force capable of operating in joint network-centric environment.

"Besides these, the other emerging areas that warrant synergised development are space, Nuclear-Biological-Chemical (NBC), cyber warfare capabilities, air defence, rotary wing assistance, precision munitions, standoff targeting and missiles, communication systems, logistics and joint training," he said.

Noting that significant progress had been made towards accomplishing synergy in various operational training and administrative facets among the three services, Mr. Antony said there were a number of areas of congruence that needed to be strengthened further.

Referring to the modernisation plans of the armed forces, he said it was in the long-term national interest that India became self-reliant in the field of critical defence equipment.

Mr. Antony said modernisation plans encompassed force modernisation and development of critical combat capabilities, not only against potential adversaries, but across the spectrum of conflict.

"Modernisation of the armed forces wholly depends upon the capital acquisition plan. However, the acquisition of critical technologies from foreign countries is subject to various technology denial regimes and the prevailing global geo-political situation," he added.

Mr. Antony said the Defence Public Sector Undertakings were today at a threshold, capable of undertaking design and development work as also to come up with product upgrades on their own.

"Despite these achievements, we must guard against complacency and must ceaselessly work towards more value addition, product support and serviceability of the supplies made to the end-users. It is the collective responsibility of all DPSUs to optimise cost-effectiveness and adhere to time and cost targets," he added.

The four-day conference presided by Army Chief General V. K. Singh - the first after he took over - would debate on organisational matters such as cadre restructuring and operational capability.

Among the presentations to the commanders during the conference would be those on the status and review of its systems on which an internal study had been done earlier, general cadre appointments and teeth-to-tail ratio of its weapon systems and men, changes to be brought about in the cadet selection for National Defence Academy, Ex-servicemen Contributory Health Scheme (ECHS) and transformation of military police establishment in the Army.

http://beta.thehindu.com/news/national/article432118.ece
 

RAM

The southern Man
Senior Member
Joined
Jul 15, 2009
Messages
2,288
Likes
445
Indian cyber offensive against hacking poor:experts

New Delhi, May 19 (PTI) India has to step up on its cyber offensive to match Chinese and Pakistani hackers breaching the Indian cyber networks, says Ankit Fadia, the man who made his name as India's youngest and first certified ethical hacker.

"The Indian intelligence and military agencies regularly use Indian hackers to carry out counter offensives.

However, the quantum of such work being carried out here is a lot less than it is in countries such as China and Pakistan," says Fadia.

His views gain credence following the report, 'Shadows in the Cloud', in which a few Canadian and American cyber-security researchers had claimed that China-based online espionage gangs have accessed classified documents from several Indian defence and security establishments.

"India stands nowhere in terms of counter offensive against the attacker's networks," says Sunny Waghela, an Ahmedabad based ethical hacker.

http://www.ptinews.com/news/659213_Indian-cyber-offensive-against-hacking-poor-experts
 
