Indian Cyber Security

RPK

Indyakudimahan
Senior Member
Joined
Jun 29, 2009
Messages
4,970
Likes
229
Indian cyber security and emergency response | NVO News


Indian Computer Emergency Response Team (CERT-In) was established by the Department of Information Technology, Govt. of India in January 2004 with a specific mandate to respond to computer security incidents. With the passage of Information Technology (Amendment) Act 2008, CERT-In has been designated as Nodal agency for coordinating all matters related to cyber security and emergency response. It is now assigned with the task of oversight of the Indian cyber space for enhancing cyber protection, enabling security compliance and assurance in Government and critical sectors and facilitating early warning & response as well as information sharing and cooperation.

Within a few years of existence, CERT-In has been able to establish itself as a trusted referral agency with necessary capabilities to respond to cyber security incidents. In the process, CERT-In has been able to get into working relationships with all the leading security organizations and vendors across the world in the form of MoU, to achieve the necessary force multiplier effect in responding to cyber security incidents. In addition, specific capabilities have been developed to engage itself in effective cyber forensics as well as analysis of malicious code.

CERT-In has published a Crisis Management Plan for Countering Cyber Attacks and Cyber Terrorism in the country and is working towards its implementation across Govt. and critical sectors in the country. In order to support the organizations in the critical sector and the Government in enhancing their ability to resist cyber attacks and improving their security posture, CERT-In has created a panel of IT security auditors that can provide a wide range of security auditing services on a commercial basis. With this kind of institution building activities, CERT-In is now able to provide its reactive and proactive services on a 24×7 basis and is effectively collaborating with the international agencies engaged in similar work for real time information sharing and problem resolution in the cyber space.

In order to effectively secure the Indian cyber space, CERT-In is assisting the Department of Information Technology to put in place a national cyber security strategy and a national information security governance policy.

In pursuit of the cyber security strategy, CERT-In has been working towards preventing cyber attacks against the country’s critical information infrastructure; reducing national vulnerability to cyber attacks; and minimizing damage and recovery time from cyber attacks.

For ensuring safety and security of cyber space, it is not only necessary to have an effective incident response mechanism such as the one already established by CERT-In, but also develop suitable ability and mechanism to harness real time information on the cyber security incidents even before they occur. In view of this, future roadmap of CERT-In includes real time incidents information collection, analysis and dissemination for effective security incidents prevention and protection. With this, it would be possible for CERT-In to provide tailored security advisories to the users community in the country enabling them to take timely and effective preventive actions.
 

roma

NRI in Europe
Senior Member
Joined
Aug 10, 2009
Messages
3,582
Likes
2,538
All the above measures - did they indeed pass the test? Because, as we know, NSA Narayanan has stated the PMO has just survived an attack from hackers suspected to be from China.
 

sayareakd

Mod
Joined
Feb 17, 2009
Messages
17,734
Likes
18,951
They even hacked into the email of the dept. NSA; the computer was traced deep inside China. BTW, this was done from the email of the civil servant who retired just a few days ago from the PMO. Given the fact that China strictly monitors its net users, the info which the hacker had of the email account from the retired civil servant shows the work of a Chinese spy agency rather than an amateur hacker.

We need to build our own army of hackers.......
 

Daredevil

On Vacation!
Super Mod
Joined
Apr 5, 2009
Messages
11,615
Likes
5,772
A new war, a new frontier

India’s abilities to ward off attacks on its computer networks and other infrastructure are basic at best

Brahma Chellaney

Even though India showcases its world-class information technology and knowledge skills and its civilian space assets, it lags far behind China’s cyberspace capabilities. Worse, it has developed no effective means to shield its rapidly expanding cyber infrastructure from the pervasive attacks that are now being carried out both in search of competitive intelligence and to unnerve the Indian establishment.

In peacetime, China is intimidating India through intermittent cyber warfare, even as it steps up military pressure along the Himalayan frontier. In a conflict, China could cripple major Indian systems through a wave of cyber attacks. With cyber intrusions against the Indian government, defence and commercial targets ramping up since 2007, the protection of sensitive computer networks must become a national security priority.

The cyber threat is at two levels. The first is national, as manifest from the attacks already carried out against India’s National Informatics Centre (NIC) systems, the office of the national security adviser and the ministry of external affairs. By scanning and mapping some of India’s major official computer systems, China has demonstrated a capacity to steal secrets and gain an asymmetrical advantage. Cyber intrusion in peacetime allows China to understand the relative importance of different Indian networks so that it knows what to disable in a war situation.

The second level of cyber threat is against chosen individuals. Such targets in India range from functionaries of the Tibetan government-in-exile and Tibetan activists to Indian writers and others critical of China. The most common type of intrusion is an attempt to hack into email accounts. The targets also can face “Trojan horse” attacks by email that are intended to breach their computers and allow the infiltrators to remotely corrupt or transfer files.

To be sure, it is not easy to identify the country from where a particular cyber attack originated if it is camouflaged. Through the use of so-called false flag espionage and other methods, attacks can be routed through the computers of a third country. Just as some Chinese pharmaceutical firms have exported to Africa spurious medicines with a “Made in India” label—a fact admitted by Beijing—some Chinese hackers are known to have rerouted their cyber intrusion through computers in Russia, Iran, Cuba and other countries. But like their comrades in the pharmaceutical industry, such hackers tend to leave telltale signs that allow investigators in the victim countries to trace the origin of the disguised attacks to China. Then there are many cases where the attacks have directly originated in China.

So the reasonable supposition at the highest levels of the Indian government is that most cyber attacks have been carried out from China. That is also the conclusion Google reached when it reported “a highly sophisticated and targeted attack on our corporate infrastructure originating from China” and threatened to end “our business operations in China” last week. Let’s be clear: If China can carry out sophisticated cyber attacks on at least 34 US companies, including Google, as part of a concerted effort to pilfer valuable intellectual property, it certainly has the capability to outwit the elementary safeguards found in most Indian computer systems. Google today is crying foul, but it was instrumental in aiding online censorship controls in a country that is most fearful of the free flow of information. It custom-built for China a search engine that expurgates the search results of references and websites that Beijing considers inappropriate. Now Google itself has become a victim of China’s growing cyber prowess, in the way the appeasement of Hitler had recoiled on France and Britain.

Hackers in China have been carefully studying different software programmes to exploit their flaws. For example, hackers have found openings that allow them to infect victims’ computers through booby-trapped documents stored in the Acrobat Reader format. Opening such a document allows the hackers to automatically scan and transfer computer-stored files to a digital storage facility in China as part of a vast surveillance system dubbed “Ghostnet” by Canadian researchers. This is what happened when computers of the Tibetan government-in-exile in Dharamsala were attacked last year. Officials in Germany, Britain and the US have acknowledged that their governments and military networks have also been broken into by Chinese hackers.

It seems unlikely that the hackers, especially those engaged in systematic cyber espionage and intimidation, are private individuals with no links to the Chinese government. It is more likely that the hackers are tied to the People’s Liberation Army (PLA). In war, this irregular contingent of hackers would become the vanguard behind which the regular PLA divisions take on the enemy.

India already is on the frontlines of one mode of asymmetrical warfare: terrorism. That type of warfare has traumatized and bled India for long, with the country exposing itself as a soft state through the absence of an effective response. Now a new frontier of asymmetrical warfare is being opened against India, not by state-sponsored non-state actors but by state actors. It cannot fight two asymmetrical wars simultaneously, one against terrorists and extremists and the other against a state flouting international norms and wedded to cybercrime. The two asymmetrical wars indeed are a reminder that unconventional threats cannot be defeated through conventional forces alone. That is why India should treat the growing cyber attacks as a wake-up call to plug its vulnerabilities by developing appropriate countermeasures on a priority basis.
 

ezsasa

Designated Cynic
Mod
Joined
Jul 12, 2014
Messages
31,719
Likes
147,000
ZIMBRA
======
Excl: Govt approaches consultancy firm Ernst and Young regarding cyber attack at AIIMS. EY conducted audit of AIIMS cyber systems this year. AIIMS was running on Zimbra owned by US based Synacor, vulnerabilities flagged in Feb. I report

 

rone

Regular Member
Joined
Dec 23, 2016
Messages
919
Likes
2,958
ZIMBRA
======
Excl: Govt approaches consultancy firm Ernst and Young regarding cyber attack at AIIMS. EY conducted audit of AIIMS cyber systems this year. AIIMS was running on Zimbra owned by US based Synacor, vulnerabilities flagged in Feb. I report

The hack doesn't have any direct connection to Chinese state-sponsored hackers; it's just a small group that targets corporate entities and ended up using a common N-day exploit to get a foothold in AIIMS. The hack happened because of incompetence and negligence from AIIMS; it's totally our fault.
 

notaname

Senior Member
Joined
Dec 11, 2020
Messages
3,020
Likes
15,890
ZIMBRA
======
Excl: Govt approaches consultancy firm Ernst and Young regarding cyber attack at AIIMS. EY conducted audit of AIIMS cyber systems this year. AIIMS was running on Zimbra owned by US based Synacor, vulnerabilities flagged in Feb. I report

The hack doesn't have any direct connection to Chinese state-sponsored hackers; it's just a small group that targets corporate entities and ended up using a common N-day exploit to get a foothold in AIIMS. The hack happened because of incompetence and negligence from AIIMS; it's totally our fault.
The bold part is surely true, but none of the products can be 100% hack proof, just a cat and mouse game, one's worked for multinational which took security seriously and had the best setup an organization can and the best code written which didn't have any loopholes which can be identifiable, and it is being used by many western governments, even that got hacked.
 

BhishmaMk5

Regular Member
Joined
Apr 1, 2022
Messages
116
Likes
724
Data of more than 815 million Indians is for sale on the dark web, which includes Aadhaar details, contact info, biometrics, passport details etc.
Since the Aadhaar data vaults' physical location is within India, it looks like some internal leak.

 

tommy

Regular Member
Joined
Jan 16, 2013
Messages
649
Likes
1,967
I keep hearing about these Aadhaar data leaks every now and then. Is there any truth to it or is it just fake?
 
