Defence Cyber Agency of India

[hawwk]

As stated many times before, GoI has announced the formation of DSA which is now commanded by Rear Admiral Mohit Gupta

Credit (NDTV)

Let's start a discussion about what are you guys expecting from it.

===============================================

Defence Cyber Agency

Active	Established: 28 September 2018 Activated: November 2019 Operational: August 2021
Country	India
Type	Tri-service command
Role	Cyber Warfare
Part of	Integrated Defence Staff (IDS)
Headquarters	New Delhi, India
Current commander	Rear Admiral Mohit Gupta

The Defence Cyber Agency (DCA) is a tri-service command of the Indian Armed Forces. Headquartered in New Delhi, the agency is tasked with handling cyber security threats. The DCA draws personnel from all three branches of the Armed Forces. It reports to the Chief of Defence Staff (CDS) through the Integrated Defence Staff (IDS).

Indian Navy Rear Admiral Mohit Gupta was appointed in May 2019 as the first head of the DCA. The DCA is expected to be operational by November 2019. As of 2021, DCA is fully operational with Army, Air Force and Navy established their respective Cyber Emergency Response

============================================================================================================

History

The Naresh Chandra Task Force was set up in July 2011 by National Security Advisor Shivshankar Menon to review the recommendations of the Kargil Review Committee, assess the implementation progress and further suggest new reforms related to national security.[5][6] The task force was led by Naresh Chandra, retired Indian Administrative Service officer, and comprised 13 other members, including Gopalaswami Parthasarathy, Air Chief Marshal Srinivasapuram Krishnaswamy (Retd), Admiral Arun Prakash (Retd), Lt Gen V. R. Raghavan (Retd), Anil Kakodkar, K C Verma and V K Duggal. The committee conducted the first holistic review of national security since the Kargil Review Committee and submitted its classified report to Prime Minister Manmohan Singh on 23 May 2012.[7] Among its recommendations, the Task Force recommended the creation of a cyber command (DCA), an aerospace command and a special operations command. All three units were proposed to be tri-service commands in order to bring the various special forces units of the military under a unified command and control structure.[8][9]

The creation of the Defence Cyber Agency (DCA), the Defence Space Agency (DSA), and the Armed Forces Special Operations Division (AFSOD) were approved by Prime Minister Narendra Modi during the Combined Commanders' Conference at Jodhpur Air Force Station on 28 September 2018. The existing Defence Information Assurance and Research Agency will be upgraded to form the new Defence Cyber Agency.

Area of responsibility (ALLEGED)
The Week reported that the DCA would have the capability to hack into networks, mount surveillance operations, lay honeypot, recover deleted data from hard drives and cellphones, break into encrypted communication channels, and perform other complex objectives. According to Lieutenant General Deependra Singh Hooda, the DCA will have the responsibility of framing a long-term policy for the security of military networks, which includes eliminating the use of foreign hardware and software in the Indian Armed Forces, and preparing a Cyberwarfare doctrine.

=============================================================================================================

Since a joint military department is just renamed as DSA, and retasked for "cyber operations". I don't see any change in work ethics tho... until they actively hire youth that are working in this sector.

Mind you cyber operations is not budget friendly at all. We will need hi-tech equipment for it's operation

 

[Arkanoid]

Would its scope be limited to only Cyber Attack and Defense or would it also cover Digital and Electronic warfare ( attack; protection; Support)?

Also does the DSA have any research and development environment?


,

 

[hawwk]

Would its scope be limited to only Cyber Attack and Defense or would it also cover Digital and Electronic warfare ( attack; protection; Support)?

Also does the DSA have any research and development environment?


,

The existing Defence Information Assurance and Research Agency will be upgraded to form the new Defence Cyber Agency.

Since a joint military department is just renamed as DSA, and retasked for "cyber operations". I don't see any change in work ethics tho... until they actively hire youth that are working in this sector.

Very less is known till now but yes they might have that environment

 

[Suryavanshi]

What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.

 

[hawwk]

What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.

Too risky. The more endpoints a network have, the more vulnerable it is. A data is sent to every computer in a network until it finds a correct destination. It's better to have small small networks with info shared physically or only through secured tunnel...

 

[ezsasa]

What I always wanted was a dedicated national Information Sharing Platform.

A dedicated network where information is shared Between various agencies.
Information network will have different level of encryption based on the the sensitivity of information.

information sharing network for security agencies already exists, was mentioned in a Sanjay Dixit interview with RVS Mani.

Obviously encryption info will not be publicly available.

 

[hawwk]

Apparently meitY(ministry of electronics and information technology) and national center of excellence in
technology for internal security are jointly organising a cyber related programme. at iit bombay

i'm not sure if that's a hidden recruitment technique because i haven't heard about it before

do you guys have more info about it? or is it another stupid cyber awareness blah blah sh!t

 

[hawwk]

looking at "what" of the challenges. it's looking like a serious challenge. privilege escalation and osquery.

 

[Okabe Rintarou]

@ezsasa Requesting couple of actions for streamlining threads on cybersecurity.
Requesting merger of the following thread into this one: https://defenceforumindia.com/threads/indian-military-stepping-up-cyber-security.80657/
Also requesting that the following thread be renamed from "Indian Cyber Warfare Capability Discussions and Infosec News" to "Indian Civilian Cybersecurity: Discussions and Infosec news" so that we have two separate threads: This one for Defence Cyber Agency and the other one for Civilian Cybersecurity.
https://defenceforumindia.com/threa...apability-discussions-and-infosec-news.82030/
.

CYBER WARFARE


Government has approved establishment of Defence Cyber Agency, under the aegis of Ministry of Defence. This agency is now fully functional. To mitigate cyber threats, all the three Services have established their respective Cyber Emergency Response Teams (CERT). Furthermore, Government of India is formulating the National cyber security strategy, which is in the final stages of approval.

There have been repeated attempts by various cyber threat actors to target our various sectors. However, measures are being taken to detect and deter these threats.

Adequate safeguards have been instituted in the form of Cyber Audits, Physical Checks and Policy Guidelines to ensure a robust cyber posture of armed forces.

This information was given by Raksha Rajya Mantri Shri Ajay Bhatt in a written reply to Shri Shyam Singh Yadav in Lok Sabha today.

https://pib.gov.in/PressReleasePage.aspx?PRID=1742322

This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.

@Arkanoid brings up an interesting point. In my opinion, Cyberwarfare would be closely connected to Electronic Warfare as well. The Americans are already including Cyber attack capabilities to target Integrated Air Defence Systems (like Indian Air Force's IACCS) into the USAF's Next Generation Jammer. I still don't understand which mechanisms would allow a signal fed by jammer to enemy radar to act as a vector for a cyberattack, but they are already working on it, which means the Chinese are too. Another capability focus, I imagine, would be on developing means to hack SDR networks and get into communications. If they hack the IFF, it would be disastrous. Meanwhile we are still focused on Defence it seems: CERTs, firewalls, penetration testing, network redundancy, security audits, best practice awareness, etc seems to be the focus for now. Whenever we get around to building our Military CyberAttack muscle, which capabilities should we focus on?
Recently on PM's directive, CDS has started working on a new Non-Contact Warfare Doctrine. It entails Information Warfare, Psychological Warfare and Cyberwarfare. Objective is to intimidate adversary through use of non-Contact warfare. Hopefully it details Cyber Attack capabilities the Armed Forces want so that Private Sector, DRDO, C-DAC, etc can start working on those today so that by the time Armed Forces are done forming their Cyber Defences, they have offerings of Cyber Attack systems.
.
That Cyberwarfare is closely linked with Electronic Warfare is clear when we look at PLA's Strategic Support Force (PLASSF). In PLASSF, there is more compartmentalization between tactical and strategic intelligence ops than there is between Cyber and Electronic capabilities. PLA has "Electronic and Network Warfare" groups at Army brigade level and is well integrated into the Operational planning process insomuch that PLA commanders might rely on these capabilities more than they would on Physical attacks. Network warfare is PLA-speak for Cyberwarfare. Their doctrine calls for two different types of Cyber attacks: 1.) Degrade enemy Network, 2.) Concealed attack to affect enemy decision making to make it maneuver its tactical forces into a trap laid by PLA's tactical forces. Even in Brigade level reconnaissance, they have in addition to traditional methods like recce by fire, by attack, etc: Recce by electronic or digital search.
.
PLA's entire doctrine is to avoid enemy's strong points and attack its weak ones. Which may be why they avoided kinetic warfare with India. I don't know how capable their systems are and doctrinally, I do think they are overemphasizing the focus on "breaking enemy morale" and attacking Networks rather than Physically attacking field formations to defeat enemy. And I think that they are doing this because PLA is a more centralized military and it knows that Network warfare and psychological warfare would be very effective against PLA, so it thinks that it would be very effective against enemy Armed Forces as well. They might not understand that it would be more effective on PLA than against Indian Army, for example. Which is exactly why India should cease the initiative and use its traditional strength in the field along with Cyber and Electronic warfare capabilities to achieve maximum efficiency against the PLA.
.
In that respect, the new non-Contact Warfare doctrine is timely and targets the right spot: Intimidating the enemy. Will also allow us to counter Pakistan's proxy warfare to some extent by giving us non-kinetic options for terror attacks smaller than the ones which necessitated our response in Balakote and Uri.

 

[Okabe Rintarou]

Reading this US military Doctrine document on Electronic Warfare (EW): https://irp.fas.org/doddir/dod/jp3-13-1.pdf
Made me realize that Defence Cyber Agency should be converted to Defence Cyber and Electronic Warfare Agency, and then upgraded to a Defence Cyber and Electronic Warfare Command. The three services need to coordinate their EW effort, instead of Army doing EW through Samyukta and Air Force doing its own EW for SEAD/DEAD, etc through jammers and dedicated SIGINT aircraft, its better to coordinate the effort across the board.

But more important than that, its very important to exploit the synergy between Electronic Warfare and Cyberwarfare. For example, a Cyber attack can force an enemy to rely on wireless network, which in turn is vulnerable to EW. Another major example is this: EW-delivered computer network attack (CNA)
Under EW-delivered CNA, USAF plans to use its Next-Generation Jammer pod to inject malacious code into an Air Defence network similar to Indian Air Force's IACCS. I've never heard any Indian agency even mention such a capability. A third example is the use of EW weapons such as HPM devices and EMP bombs to electronically target enemy computer servers.

We are lagging behind in RMA unless we make a similar doctrinal transition. The Chinese already look at EW and cyberwarfare as two things meant to be performed in unison.

 

[Okabe Rintarou]

This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.

This paper by ORF argues that Indian Government should focus on, rather than shy away from, offensive capabilities in Cyber warfare because just like Air Power, nature of Cyberwarfare is such that it favours the one on the offensive.
https://www.orfonline.org/expert-speak/india-and-cyberspace-balance-between-offence-and-defence/
As we can see from the poll above in this thread, members on DFI strongly agree with the article and disagree with the largely defensive posture of Indian Cyber Defence Agency.
EDIT: Maybe this new non-Contact doctrine being currently formulated will begin this shift towards a more offensive focus: https://defenceforumindia.com/threa...irectives-non-contact-warfare-doctrine.83010/

 

[hawwk]

Reading this US military Doctrine document on Electronic Warfare (EW): https://irp.fas.org/doddir/dod/jp3-13-1.pdf
Made me realize that Defence Cyber Agency should be converted to Defence Cyber and Electronic Warfare Agency, and then upgraded to a Defence Cyber and Electronic Warfare Command. The three services need to coordinate their EW effort, instead of Army doing EW through Samyukta and Air Force doing its own EW for SEAD/DEAD, etc through jammers and dedicated SIGINT aircraft, its better to coordinate the effort across the board.

But more important than that, its very important to exploit the synergy between Electronic Warfare and Cyberwarfare. For example, a Cyber attack can force an enemy to rely on wireless network, which in turn is vulnerable to EW. Another major example is this: EW-delivered computer network attack (CNA)
Under EW-delivered CNA, USAF plans to use its Next-Generation Jammer pod to inject malacious code into an Air Defence network similar to Indian Air Force's IACCS. I've never heard any Indian agency even mention such a capability. A third example is the use of EW weapons such as HPM devices and EMP bombs to electronically target enemy computer servers.

We are lagging behind in RMA unless we make a similar doctrinal transition. The Chinese already look at EW and cyberwarfare as two things meant to be performed in unison.

@ezsasa Requesting couple of actions for streamlining threads on cybersecurity.
Requesting merger of the following thread into this one: https://defenceforumindia.com/threads/indian-military-stepping-up-cyber-security.80657/
Also requesting that the following thread be renamed from "Indian Cyber Warfare Capability Discussions and Infosec News" to "Indian Civilian Cybersecurity: Discussions and Infosec news" so that we have two separate threads: This one for Defence Cyber Agency and the other one for Civilian Cybersecurity.
https://defenceforumindia.com/threa...apability-discussions-and-infosec-news.82030/
.


This makes it look like the immediate thrust is on Defensive capabilities, rather than offensive ones. Its clear we lag behind. Anyways, whenever we get around to it, what Offensive Cybersecurity capabilities should we be targeting? IT Gurus on this forum please enlighten us.

@Arkanoid brings up an interesting point. In my opinion, Cyberwarfare would be closely connected to Electronic Warfare as well. The Americans are already including Cyber attack capabilities to target Integrated Air Defence Systems (like Indian Air Force's IACCS) into the USAF's Next Generation Jammer. I still don't understand which mechanisms would allow a signal fed by jammer to enemy radar to act as a vector for a cyberattack, but they are already working on it, which means the Chinese are too. Another capability focus, I imagine, would be on developing means to hack SDR networks and get into communications. If they hack the IFF, it would be disastrous. Meanwhile we are still focused on Defence it seems: CERTs, firewalls, penetration testing, network redundancy, security audits, best practice awareness, etc seems to be the focus for now. Whenever we get around to building our Military CyberAttack muscle, which capabilities should we focus on?
Recently on PM's directive, CDS has started working on a new Non-Contact Warfare Doctrine. It entails Information Warfare, Psychological Warfare and Cyberwarfare. Objective is to intimidate adversary through use of non-Contact warfare. Hopefully it details Cyber Attack capabilities the Armed Forces want so that Private Sector, DRDO, C-DAC, etc can start working on those today so that by the time Armed Forces are done forming their Cyber Defences, they have offerings of Cyber Attack systems.
.
That Cyberwarfare is closely linked with Electronic Warfare is clear when we look at PLA's Strategic Support Force (PLASSF). In PLASSF, there is more compartmentalization between tactical and strategic intelligence ops than there is between Cyber and Electronic capabilities. PLA has "Electronic and Network Warfare" groups at Army brigade level and is well integrated into the Operational planning process insomuch that PLA commanders might rely on these capabilities more than they would on Physical attacks. Network warfare is PLA-speak for Cyberwarfare. Their doctrine calls for two different types of Cyber attacks: 1.) Degrade enemy Network, 2.) Concealed attack to affect enemy decision making to make it maneuver its tactical forces into a trap laid by PLA's tactical forces. Even in Brigade level reconnaissance, they have in addition to traditional methods like recce by fire, by attack, etc: Recce by electronic or digital search.
.
PLA's entire doctrine is to avoid enemy's strong points and attack its weak ones. Which may be why they avoided kinetic warfare with India. I don't know how capable their systems are and doctrinally, I do think they are overemphasizing the focus on "breaking enemy morale" and attacking Networks rather than Physically attacking field formations to defeat enemy. And I think that they are doing this because PLA is a more centralized military and it knows that Network warfare and psychological warfare would be very effective against PLA, so it thinks that it would be very effective against enemy Armed Forces as well. They might not understand that it would be more effective on PLA than against Indian Army, for example. Which is exactly why India should cease the initiative and use its traditional strength in the field along with Cyber and Electronic warfare capabilities to achieve maximum efficiency against the PLA.
.
In that respect, the new non-Contact Warfare doctrine is timely and targets the right spot: Intimidating the enemy. Will also allow us to counter Pakistan's proxy warfare to some extent by giving us non-kinetic options for terror attacks smaller than the ones which necessitated our response in Balakote and Uri.

as far as i know, we already atleast have an electronic warfare unit in "almost" "every" different "agencies" & military.

 

[Okabe Rintarou]

as far as i know, we already atleast have an electronic warfare unit in "almost" "every" different "agencies" & military.

Yeah. Signals handles integrated EW systems in Army. But like I said, we need to look at Cyberwarfare in conjunction with EW and do it in a tri-services joint effort. And this could be where we see some nervousness: Army Corps of Signals might not like this new arrangement. Same stupid turf wars might cause us to lag behind again. I already remember the turf wars between Signals and Director General Information Systems that led to the repeated delays of Command Information & Decision Support System (CIDSS) and Army Strategic Operational Information Dissemination System (ASTROIDS).

 

[hawwk]

fucking pathetic ! at cert-in
people are using their own laptops? (left to right - hp spectre, hp 15xx notebook, macbook pro <2017, macbook pro <2017)

i hope it's not the same practice for dca.

 

[hawwk]

why are they using metasploit-framework?

 

[hawwk]

View attachment 112715
why are they using metasploit-framework?

@rone can you help me identify what exploit are they using.
@not so dravidian @DownWithCCP

 

[DownWithCCP]

@rone can you help me identify what exploit are they using.
@not so dravidian @DownWithCCP

Do you have a better res image?

 

[DownWithCCP]

View attachment 112715
why are they using metasploit-framework?

You can write your own exploit modules on metasploit iirc

 

[hawwk]

Do you have a better res image?

if i had a better res image, i would already be looking into my kali machine. since there are hundreds of auxiliary scanners and exploits.... this would take a lot of time, i'm still figuring it out.

 

[DownWithCCP]

if i had a better res image, i would already be looking into my kali machine. since there are hundreds of auxiliary scanners and exploits.... this would take a lot of time, i'm still figuring it out.

ye lol makes sense