DRDO, PSU and Private Defence Sector News

[raju1982]

They can't if you have a proper security policy in place.

They can be. There are many ways to infiltrate offline WAN networks as large organisations like DRDO has.

OWASP has listed some of them here. Read them.

Attacks | OWASP Foundation

Attacks on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

owasp.org

 

[raju1982]

Most available CCTV cam brand in India btw




This brand has been flagged worldwide

Thank god there is now a hype about these security cameras now.

The people saying they are not security threat because they are not connwcted to internet do not know abcd of network security and its threats and vuls. I worked in this areas and have idea to what extent harms can be done.

 

[AnantS]

Thank god there is now a hype about these security cameras now.

The people saying they are not security threat because they are not connwcted to internet do not know abcd of network security and its threats and vuls. I worked in this areas and have idea to what extent harms can be done.

do elaborate....

 

[raju1982]

do elaborate....

Read this article from yesterday. It specifically mentions Hikvision.

The tech flaw that lets hackers control surveillance cameras

Security flaws in two surveillance camera brands used around the world have been identified by Panorama.

www.bbc.com

 

[AnantS]

Read this article from yesterday. It specifically mentions Hikvision.

The tech flaw that lets hackers control surveillance cameras

Security flaws in two surveillance camera brands used around the world have been identified by Panorama.

www.bbc.com

from your article

So I still need example where Cameras in isolated Wired Local Network were hacked remotely..

 

[raju1982]

from your article

View attachment 212436

So I still need example where Cameras in isolated Wired Local Network were hacked remotely..

There are many ways it can be done. These network cameras come with inbuilt encrypted driver, deep learning and network software which you need to integrate with the WAN. And those software were developed in China. Than your entire WAN is compromised, you do not even know. Most of the WAN have some parts that are wireless specially in tech organisations which has remote work stations. Also some parts of the WAN is connected to INTRANET and INTRANET to Internet for data transfer and others. Usually hackers build a sophisticated malware chains for such cases. I habe seen similar things happening in banks and tech companies which we thought were highly secure.

For example few of the breaches sometimea comes out, most of them are not.

How IP address breach at DRDO missile lab set off security scare

A vendor was found to have submitted a bid at the DRDO’s Hyderabad-based Advanced Systems Laboratory (ASL) in July through the very IP address used by the organisation to float the tender. The DRDO suspects a collusion. An India Today exclusive report

www.indiatoday.in

 

[SKC]

There are many ways it can be done. These network cameras come with inbuilt encrypted driver, deep learning and network software which you need to integrate with the WAN. And those software were developed in China. Than your entire WAN is compromised, you do not even know. Most of the WAN have some parts that are wireless specially in tech organisations which has remote work stations. Also some parts of the WAN is connected to INTRANET and INTRANET to Internet for data transfer and others. Usually hackers build a sophisticated malware chains for such cases. I habe seen similar things happening in banks and tech companies which we thought were highly secure.

For example few of the breaches sometimea comes out, most of them are not.

How IP address breach at DRDO missile lab set off security scare

A vendor was found to have submitted a bid at the DRDO’s Hyderabad-based Advanced Systems Laboratory (ASL) in July through the very IP address used by the organisation to float the tender. The DRDO suspects a collusion. An India Today exclusive report

www.indiatoday.in

If your camera setup has direct WiFi capabilities and your facilities have WiFi network then these cameras can snoop around the different frequencies of WiFi which are not secured.
People who use Linux and Unix have utilities which can connect to even secured and password protected wifi streams.
I did this back in 2010-12. Had one utility even in windows which could snoop around the unsecured wifi signal of same wifi network and connect to internet.

 

[raju1982]

If your camera setup has direct WiFi capabilities and your facilities have WiFi network then these cameras can snoop around the different frequencies of WiFi which are not secured.
People who use Linux and Unix have utilities which can connect to even secured and password protected wifi streams.
I did this back in 2010-12. Had one utility even in windows which could snoop around the unsecured wifi signal of same wifi network and connect to internet.

Yeah. but now even wired, locally connected Wireless cameras are not secured.

Forget everything, if the security guys of DRDO had common sense they would have never placed a Chinese state controlled company built camera inside a control centre. This is simple logic. Bye.

 

[Fatalis]

Not sure about the credibility but anyways -

 

[AnantS]

There are many ways it can be done. These network cameras come with inbuilt encrypted driver, deep learning and network software which you need to integrate with the WAN. And those software were developed in China. Than your entire WAN is compromised, you do not even know. Most of the WAN have some parts that are wireless specially in tech organisations which has remote work stations. Also some parts of the WAN is connected to INTRANET and INTRANET to Internet for data transfer and others. Usually hackers build a sophisticated malware chains for such cases. I habe seen similar things happening in banks and tech companies which we thought were highly secure.

For example few of the breaches sometimea comes out, most of them are not.

How IP address breach at DRDO missile lab set off security scare

A vendor was found to have submitted a bid at the DRDO’s Hyderabad-based Advanced Systems Laboratory (ASL) in July through the very IP address used by the organisation to float the tender. The DRDO suspects a collusion. An India Today exclusive report

www.indiatoday.in

Again it was not remote intrusion, but case of malpractice. Compromised Man is always the weakest link in security.

So you are again proving somebody has physical access to isolated n/w - or your local net is isolated from intranet via firewall, and the firewall got breached.

Still which also means truly isolated local networks(not connected to internet at all - and yes they exist even in pvt cos), with strict security policy of preventing even unauthorized plug-in devices(USB storage devices/network drives etc) - shall remain unscathed from hacking. Unless a hacker is flying overhead with powerful emissions(or sitting near the network location close enough to activate wireless link of compromised devices in n/w) which can activate the compromised devices in wired networks but with provision to activate wireless link remotely(for activating exploit ).

 

[NoobWannaLearn]

 

[Aniruddha Mulay]

Not sure about the credibility but anyways -

As per the DDR report from Aero India 2023, the first 2 Netra Mk2 AEW&C aircraft will be ready for induction by 2025

 

[Chinmoy]

They can be. There are many ways to infiltrate offline WAN networks as large organisations like DRDO has.

OWASP has listed some of them here. Read them.

Attacks | OWASP Foundation

Attacks on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

owasp.org

Type of CCTV cameras:

IP cameras,
Analog cameras

IP cameras are further divided into

Wired cameras
Wireless cameras

Mode of access:

IP cameras are accessed thru NVRs
Analog cameras are accessed thru DVRs

So unless and until NVR and DVR are connected to internet, there is no way to get the feed broadcast. Yes, a point of concern are the Wireless cameras which is a fashion now-a-days.
Now for someone to patch into your feed, he has to get access to your camera or NVR/DVR in person or digitally. So if you have a robust security policy in place, accessing them is impossible in both the ways.

But why this concern has been flagged for Chinese equipment if that's the case?
Let me give you a simple example. Once one of our client whose IPVS was based on X, forgot the password for one of his Hikvision camera. So to reset the camera when he approached the customer care, they asked him to give internet access to it. So within a week, they floated a new tender and replaced the whole IPVS setup. Now this client was not even under MoD or MHA, but they have red flagged the issue.

As far as security policy regarding hardware installation and replacement is concerned, all the uniformed or un-uniformed services have a robust policy in place. The real concern for them is not the Chinese CCTV cameras, but the mobiles, which they can't control per se.

So don't get excited about everything you see or read.

 

[NoobWannaLearn]

Those things are big damn

 

[raju1982]

Again it was not remote intrusion, but case of malpractice. Compromised Man is always the weakest link in security.
View attachment 212439
So you are again proving somebody has physical access to isolated n/w - or your local net is isolated from intranet via firewall, and the firewall got breached.

Still which also means truly isolated local networks(not connected to internet at all - and yes they exist even in pvt cos), with strict security policy of preventing even unauthorized plug-in devices(USB storage devices/network drives etc) - shall remain unscathed from hacking. Unless a hacker is flying overhead with powerful emissions(or sitting near the network location close enough to activate wireless link of compromised devices in n/w) which can activate the compromised devices in wired networks but with provision to activate wireless link remotely(for activating exploit ).

Type of CCTV cameras:

IP cameras,
Analog cameras

IP cameras are further divided into

Wired cameras
Wireless cameras

Mode of access:

IP cameras are accessed thru NVRs
Analog cameras are accessed thru DVRs

So unless and until NVR and DVR are connected to internet, there is no way to get the feed broadcast. Yes, a point of concern are the Wireless cameras which is a fashion now-a-days.
Now for someone to patch into your feed, he has to get access to your camera or NVR/DVR in person or digitally. So if you have a robust security policy in place, accessing them is impossible in both the ways.

But why this concern has been flagged for Chinese equipment if that's the case?
Let me give you a simple example. Once one of our client whose IPVS was based on X, forgot the password for one of his Hikvision camera. So to reset the camera when he approached the customer care, they asked him to give internet access to it. So within a week, they floated a new tender and replaced the whole IPVS setup. Now this client was not even under MoD or MHA, but they have red flagged the issue.

As far as security policy regarding hardware installation and replacement is concerned, all the uniformed or un-uniformed services have a robust policy in place. The real concern for them is not the Chinese CCTV cameras, but the mobiles, which they can't control per se.

So don't get excited about everything you see or read.

I guess according to your logic, Indian navy do not have a 'robust security policy' lol . So Naval Headquarter ordered to replace HikVision cameras from bases.

EXCLUSIVE: Indian military under target by Chinese origin surveillance systems

However, these products are marketed as 'Made in India', MoD letter claims

www.theweek.in

Because of the alert, the naval headquarters has asked its all formations to "discontinue" procurement of CCTV cameras and surveillance systems from Hikvision. And simultaneously ordered the replacement of existing Hikvision surveillance systems and CCTVs from its locations to be done in a phased manner.

 

[Chinmoy]

I guess according to your logic, Indian navy do not have a 'robust security policy' lol . So Naval Headquarter ordered to replace HikVision cameras from bases.

EXCLUSIVE: Indian military under target by Chinese origin surveillance systems

However, these products are marketed as 'Made in India', MoD letter claims

www.theweek.in

Because of the alert, the naval headquarters has asked its all formations to "discontinue" procurement of CCTV cameras and surveillance systems from Hikvision. And simultaneously ordered the replacement of existing Hikvision surveillance systems and CCTVs from its locations to be done in a phased manner.

The order of removal of Hikvision or Dahua is more political then security.

Hikvision or Dahua is effecting us in two ways. First through data breach, which we could avoid to a large extent or without being candid I would say completely in certain sectors like defence.
The second way is financially. Purchasing them means you are directly funding Chinese government. So GoI has directed all of its offices and organizations to keep away from these companies. But fun fact is, many other companies, both Indian and Non-Chinese, do use Hikvision drivers specifically in their cameras. Even Dahua uses Hikvision drivers.

So as of today, if you want to sell any product with country of origin in China in Flipkart or Amazon, you could do so by just mentioning it. But if you want to do the same in GEM, they won't even allow you. And now every GoI organization has to mandatory do the purchase from GEM. Even tendering is now mandatorily has to be done in GEM.

So this step is more to hit China financially then from security point of view.

 

[NoobWannaLearn]

 

[NoobWannaLearn]

 

[aim120]

As long as the system is isolated from internet, these cameras should be fine.

But still no excuse for using them, dahua also has presence in india, CP Plus orange line are nothing but rebadged dahua, assembled in India. While CP PLUS purple line is rebadged Uniview cameras.

Even companies like Honeywell, Panasonic, Bosch economy models use rebadged Dahua cameras.

While Axis is used in US government buildings, since sweden and US cooperate a lot in defense, I wouldn't be suprised if Axis is also compromised by Five eyes intelligence agencies.

Only safe bets would be to use Sony, which is quite expensive.

 

[Gyyan]

Isn't it a packaging plant?