Indian Cyber Warfare Discussion

The Military Issues & History Forum is a venue to discuss issues relating to the military aspects of the Indian Armed Forces, whether the past, present or future. We request members to kindly stay within the mandate of this forum and keep their exchanges of views, on a civilised level, however vehemently any disagreement may be felt. All feedback regarding forum usage may be sent to the moderators using the Feedback Form or by clicking the Report Post Icon in any objectionable post for proper action. Please note that the views expressed by the Members and Moderators on these discussion boards are that of the individuals only and do not reflect the official policy or view of the Bharat-Rakshak.com Website. Copyright Violation is strictly prohibited and may result in revocation of your posting rights - please read the FAQ for full details. Users must also abide by the Forum Guidelines at all times.
Post Reply
Nihat
BRFite
Posts: 1330
Joined: 10 Dec 2008 13:35

Indian Cyber Warfare Discussion

Post by Nihat »

As an emerging threat, especially from China and possibly a critical aspect of future Warfare , Cyber Warfare and role of Computer hacking in National Security ought to be discussed in greater detail than it already is. Especially India's ability to launch its own network and defend against Spy networks on foreign Soil.
Spy Game: India readies cyber army to hack into hostile nations' computer systems


NEW DELHI: Borrowing a page from China’s art of cyber war, the government is giving shape to an IT infrastructure setup manned by a small army of software professionals to spy on the classified data of hostile nations by hacking into their computer systems.

IT workers and ethical hackers who sign up for the ambitious project will be protected by law, says the proposal being discussed by senior government administrators. The expertise of these professionals will be used to go on the offensive or preempt strikes by breaching the security walls of enemy systems.

The strategy of taking the fight to hackers was drafted at a high-level security meet on July 29 chaired by National Security Advisor Shiv Shankar Menon. The meeting was attended by the director of Intelligence Bureau as well as senior officials of the telecom department, IT ministry and security agencies, documents seen by ET show. Departments whose officials were present at the meeting did not respond to ET emails.


The government is worried about spying and sabotage from neighbouring countries, particularly China and Pakistan, after a spate of assaults on its computer systems in recent times. The Citizen Lab at the University of Toronto said in April that a clique of hackers based in China had conducted extensive spying operations in India, pilfering confidential documents from the defence ministry.

Though Beijing strongly denied any role in the attacks, the investigation pointed to the Chinese government’s tacit approval of the spying operations. The technical reconnaissance bureau of the People’s Liberation Army that is responsible for signals intelligence collection is headquartered in Chengdu, where the hackers had set up base.

According to the government proposal, the National Technical Research Organisation (NTRO) along with Defence Intelligence Agency (DIA) will be responsible for creating cyber-offensive capabilities. NTRO is a key government agency that gathers technical intelligence while DIA is tasked with collating inputs from the Navy, Army and Air Force.

The NTRO will also suggest measures to ensure legal protection to recruits, a move that is expected to coax software professionals into joining the government group because under the Indian IT Act, hacking is punishable with imprisonment up to three years, or carries a fine up to `2 lakh, or both.

“Even if the offense is done on a computer on foreign soil, it is punishable under Indian laws,” says cyber lawyer Pavan Duggal, adding that the IT Act will have to be changed for “patriotic stealth operations”.

Mr Duggal welcomed the efforts to establish a hacker group, pointing to the explosive growth in assaults on Indian systems recently. Last year, 600 computers belonging to the external affairs ministry were hacked, allegedly by Chinese groups. The hackers also managed to steal crucial documents from the computers of the defence establishment then.

Vikas Desai, lead technical lead of network security firm RSA, said the government’s efforts can be classified as ethical hacking. “Many countries and organisations in the world already have this kind of infrastructure,” he said.


In sheer numbers at least, recruitment may not be a problem. The country is due to produce nearly 5.71 lakh technical graduates and postgraduates in 2010, says IT lobby group Nasscom. There is also a teeming workforce in India thanks to large anti-virus and software companies such as McAfee, Microsoft, Intel establishing R&D labs here.

The government is not taking chances, however. The NSA’s National Security Council Secretariat has directed the HRD and IT ministries to introduce cyber security in the curriculum of IITs and education institutes.

The government also plans to amplify efforts to strengthen its cyber armour. A National Testing Centre to check all types of hardware and software being sourced by departments for spyware will be established to prevent India’s computers from coming under attack.

The NSA has also asked the Defence Research & Development Organisation (DRDO) and DIA to magnify efforts against electromagnetic-pulse bombs that can interrupt wireless signals inside the country. It has also directed the DIA to harden its Transient ElectroMagnetic Pulse Emanations Standards, known as TEMPEST in military parlance. Hardening TEMPEST to a geek means lowering the chances of interception of data transferred by defence agencies on the internet.

To enable this, the government wants to involve engineers and scientists from the IITs and Indian Institutes of Science to develop highly-encrypted algorithms, in large numbers. The high-level meeting notes that government’s cyber efforts are stumped by its ability to produce no more than 3-4 such algorithms in a year.
http://www.bharatrakshak.com/NEWS/newsr ... wsid=13242

(Sourced from Economic Times)

P.S. - If there is a more appropriate place for this then Mods, please move this post and delete the thread.
Manish_P
BRF Oldie
Posts: 5383
Joined: 25 Mar 2010 17:34

Re: Indian Cyber Warfare Discussion

Post by Manish_P »

I hope the Mods will consider keeping this thread separate

Cyber-warfare is very much an ongoing war even if much of it is hidden from the eyes of the general public

Going forward i think its more likely that cyber-warfare divisions will fire the opening salvos of future conflicts
AdityaM
BRF Oldie
Posts: 2025
Joined: 30 Sep 2002 11:31
Location: New Delhi

Re: Indian Cyber Warfare Discussion

Post by AdityaM »

IB4TL

You will never find enough material in open source to sustain this thread on its own merit
nits
BRFite
Posts: 1155
Joined: 01 May 2006 22:56
Location: Some where near Equator...

Re: Indian Cyber Warfare Discussion

Post by nits »

Some how i agree with Manish; Mods can allow this thread to continue... we can at least discuss News Items and its related strategy and counter strategy in this thread...

Mods are the Highest authority and if they see merit in it they can keep this thread as per there discretion...
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

We will keep this thread.
biswas
BRFite
Posts: 503
Joined: 02 Nov 2009 20:42
Location: Ozzieland

Re: Indian Cyber Warfare Discussion

Post by biswas »

AdityaM wrote:IB4TL

You will never find enough material in open source to sustain this thread on its own merit
:rotfl: :rotfl: :rotfl: FAIL :P
pralay
BR Mainsite Crew
Posts: 524
Joined: 24 May 2009 23:07
Contact:

Re: Indian Cyber Warfare Discussion

Post by pralay »

Keep this thread,

Rather I want to know how to sign up for this program.
I want to contribute.
nits
BRFite
Posts: 1155
Joined: 01 May 2006 22:56
Location: Some where near Equator...

Re: Indian Cyber Warfare Discussion

Post by nits »

Came across a bit old article where India and Israel are co-ordinating on Cyber Warfare againts Pakistan - Well Thats Intresting !!

Link
Manish_P
BRF Oldie
Posts: 5383
Joined: 25 Mar 2010 17:34

Re: Indian Cyber Warfare Discussion

Post by Manish_P »

Thanks, SSridhar, for the consideration.

@AdityaM, a year or two ago i would have agreed with you. And i still believe that this war will be fought in the shadows like covert Ops making news/material very hard to come by in open sources. But i have high hopes that when it does come, it will come on BRF first :)

A cyber war has been initiated on us, make no mistake about it. The goverment and the NSA have recognized this for some time now, and it is heartening to know that they have quickly (well relatively speaking) initiated work on countering these threats to our increasingly networked military and industry.

I found it interesting to go through one of BRFs earlier post by SunilUpa about the 'Divine Matrix' exercise conducted last year. As can be expected there were not many technical details mentioned about the exercise and the IW part of the exercise was further downplayed.

Link - http://forums.bharat-rakshak.com/viewto ... 43#p641943

Another fairly recent article which might have been posted earlier - http://indiatoday.intoday.in/site/Story ... rfare.html

@nits - I had read the article you mention earlier. Am not sure, but the journo seems to be Pakistani and there seems to be a fair bit of conjecture, even bordering on propaganda :)
sanjaykumar
BRF Oldie
Posts: 6088
Joined: 16 Oct 2005 05:51

Re: Indian Cyber Warfare Discussion

Post by sanjaykumar »

I am sure India has taken vigorous defense against Chinese e-wrecktions. GOI means to communicate something to the Chinese. Coupled with the RIM encryption demands and telecommunications legislation, they do seem to be serious about cyber security.
VinodTK
BRF Oldie
Posts: 2976
Joined: 18 Jun 2000 11:31

Re: Indian Cyber Warfare Discussion

Post by VinodTK »

Indian government plans counter cyber offensive
"The Indian intelligence and military agencies regularly use Indian hackers to carry out counter offensives. However, the quantum of such work being carried out here is a lot less than it is in countries such as China and Pakistan," said India's youngest and first certified ethical hacker Ankit Fadia.
tarun
BRFite
Posts: 109
Joined: 27 May 2009 17:45

Re: Indian Cyber Warfare Discussion

Post by tarun »

The general cluelessness with which our bureaucracy drafts the laws of the land after being fed BS from vested interests ( read MNC vendors ) our cyber war capabilities announced with so much fanfare are probably still born.

http://seclists.org/fulldisclosure/2010/Jul/340

The following is generally true of law making in India.
You make everything we are interested in illegal. As a result we are forced to be criminals if we want to learn the particular set of survival traits, commonly known as hacking. Sure there are “white hats” out there who possess the knowledge and skill to stop the types of attacks they, themselves, can come up with. They will happily work for you and do whatever you tell them. However, while you are sheltered within your own personal paradigmal bubble where all the children play nicely, the real world, 2.0 perhaps, awaits you outside. Out here in the real world you have been giving us the shaft in every way shape and form possible to discourage others from becoming like us.
To enable this, the government wants to involve engineers and scientists from the IITs and Indian Institutes of Science to develop highly-encrypted algorithms, in large numbers. The high-level meeting notes that government’s cyber efforts are stumped by its ability to produce no more than 3-4 such algorithms in a year.
This sentence sums up the incompetence of those in-charge of this effort.

An example of vendor driven efforts

http://www.dsci.in/
tarun
BRFite
Posts: 109
Joined: 27 May 2009 17:45

Re: Indian Cyber Warfare Discussion

Post by tarun »

What a non-sensical news item. The bureaucracy wants to hide its luddites who are ill-trained to use computers in general and Linux in particular by raising the bogeyman of cyberwarfare directed at it.
nits
BRFite
Posts: 1155
Joined: 01 May 2006 22:56
Location: Some where near Equator...

Re: Indian Cyber Warfare Discussion

Post by nits »

Mallya's website hacked by Pak hackers
Rajya Sabha member and industrialist Vijay Mallya's personal website has been hacked allegedly by Pakistani hackers with 'dire' threats that India's cyber space was not secured being posted on it.

The defaced site says 'Feel the Pakistan' with danger signs and adds that 'we are sleeping, not dead'. "This is a payback from Pak Cyber Army in return to the defacements of Pakistani sites ! You are playing with fire !, This is not a game kids. We are warning you one last time, don't think that you are secure in this Cyber Space We will turn your Cyber Space into Hell," the site says.

'And make sure that you have someone to Cry Over because we gona literally throw you in the deep sea, Will revenge ! if any pakistani site Hacked by Indian's!' the damaged site adds.

A cyber expert says that ahead of Independence celebrations, cyber attacks on the websites of both India and Pakistan are usually noticed.
Link
tarun
BRFite
Posts: 109
Joined: 27 May 2009 17:45

Re: Indian Cyber Warfare Discussion

Post by tarun »

nits wrote:Mallya's website hacked by Pak hackers
It took his team all of 2 hours to restore it back after it was discovered. I am not certain if they re-installed the server afresh with updated patches or else it would be vulnerable to an exploit again.
Deepak_D
BRFite -Trainee
Posts: 10
Joined: 12 Aug 2010 02:47
Location: PlAnEt EaRtH

Re: Indian Cyber Warfare Discussion

Post by Deepak_D »

nits wrote: Mallya's website hacked by Pak hackers
And I believe they were not able to trace back the path of the attacker.
Guddu
BRFite
Posts: 1054
Joined: 01 Dec 2008 06:22

Re: Indian Cyber Warfare Discussion

Post by Guddu »

Its creditable that India is working on this, the US govt recently established a new cyber command. http://en.wikipedia.org/wiki/United_Sta ... er_Command
Raghavendra
BRFite
Posts: 1252
Joined: 11 Mar 2008 19:07
Location: Fishing in Sadhanakere

Re: Indian Cyber Warfare Discussion

Post by Raghavendra »

nits wrote:Mallya's website hacked by Pak hackers
Indians hack Pakistani website: TV channel http://timesofindia.indiatimes.com/tech ... 319579.cms
Lalmohan
BRF Oldie
Posts: 13262
Joined: 30 Dec 2005 18:28

Re: Indian Cyber Warfare Discussion

Post by Lalmohan »

i think we should expect chinese TOT to the paqui jehardies for outsourced offshore cyber attacks
tarun
BRFite
Posts: 109
Joined: 27 May 2009 17:45

Re: Indian Cyber Warfare Discussion

Post by tarun »

http://www.freedom-to-tinker.com/blog/j ... ous-source

http://www.indianevm.com/blogs/?p=402

By arresting independent security researchers on flimsy grounds , the cyber illiterate 'system' is digging itself into a deeper hole.
Axel
BRFite -Trainee
Posts: 2
Joined: 25 Aug 2010 14:23

Re: Indian Cyber Warfare Discussion

Post by Axel »

Would any of you know where I can find the "Joint Doctrine for Electronic Warfare" that was released on february 9th 2010 ? I could only find the "Joint Doctrine for Sub conventional operations" which was released on the same day...

As for Divine Matrix, I wonder how efficient can be an exercice on something as changing as cyberwarfare. I mean, Divine Matrix - kind should be like an everyday training of indian armed forces don't you think ?
Last edited by archan on 25 Aug 2010 20:48, edited 1 time in total.
Reason: username changed from cyberaxel to Axel. Human sounding names are preferred.
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

tarun wrote:http://www.freedom-to-tinker.com/blog/j ... ous-source

http://www.indianevm.com/blogs/?p=402

By arresting independent security researchers on flimsy grounds , the cyber illiterate 'system' is digging itself into a deeper hole.
tarun, I do not think the arrest was on 'flimsy' grounds as you term it. He needs to explain how he came in possession of a unit of the EVM. I am also not sure if he can open it and tamper with it unauthorizedly. I do not think any right minded person would object to hardening our EVMs or voting processes.
tarun
BRFite
Posts: 109
Joined: 27 May 2009 17:45

Re: Indian Cyber Warfare Discussion

Post by tarun »

Sridhar,

If there was no legit way to obtain an EVM so it had to be obtained whichever way it was obtained. Nothing would prevent politicians determined to alter election results from atleast being able to obtain an EVM in a similar way.

There is a need to differentiate between the intent to disrupt the election process as opposed to full-disclosure on a study conducted with a well meaning intent of discovering any vulnerabilities. Such actions in public interest should be decriminalized.

Modern western medicine would have been a lot poorer but for the early enterprising grave snatchers [1,2]

1. http://www.yale.edu/tnj/content/nov05/a ... fense.html
2. http://en.wikipedia.org/wiki/Body-snatching

Forbidding thoughts, knowledge and discovery is a sure shot way of killing hacker culture and driving whitehats underground and to extinction or worse become blackhats.
Raghavendra
BRFite
Posts: 1252
Joined: 11 Mar 2008 19:07
Location: Fishing in Sadhanakere

Re: Indian Cyber Warfare Discussion

Post by Raghavendra »

Got this from http://www.freehacking.net


Two Biggest Pakistani Websites Hacked by Indian Cyber Army

http://pakistani.pk/ - Pakistani.PK is a pakistan's biggest entertainment portal where you can download mp3 songs, mobile videos, wallpapers, jokes, msn addons and bots. The daily page-loads to this website is almost 4,500 to 5,000. This is a victory..

CHEERS..!! for Indian Cyber Army...

Awaiting the response from Pak Cyber Army

Image

http://digg.pk/- Digg.pk is a Pakistani site where you can find any thing like, information about, banking, money making, advertisement, publishing, and free movies.
Image

The below warning message has been posted by Indian Cyber Army
PAKCYBER army Kindly STFU ur fu****N Filthy Mouth...
BlackZero from pakhaxor broke the Peace deal.. We still in the deal if you wanna continue then its ok if you dont Then its your wish
we doNt hav to do aNythNg wid ur PooR Pakistani CybeR
iT coNsiSts handFuL of sites
s0 go hoMe and get soMe Lfy and coMe
aNythng f0r India

We aRe: -[SiLeNtp0is0n]- , strangeR , inX_rOot , NEO H4cK3R , Darkl00k , G00g!3 W@rr!0r , co0Lt04d , ATUL DWIVEDI , Jackh4xor , th3 RDX

CoNtact Us: http://WWW.INDISHELL.IN
GreeTz : HackMypc Lucky Team Indishell , IW and ALL iNdiaN H4xoRs
JAI HIND
Maa Tujhe SALAM




Why was Vijay Mallya hacked?
While you were enjoying the Independence Day spirit and probably flying kites, an all out war was on between India and Pakistan.

Fortunately, it was not on the border but in cyberspace where hackers from the two countries were engaged in pitched battles to outdo each other.

According to cyber experts, more than a thousand websites were hacked into and defaced on August 14 and 15 when Pakistan and India celebrated their Independence respectively. The Day came as a nightmare for some of the webmasters website owners from the two nations. Pakistani hackers were first to strike on August 14 when they defaced Indian websites. The Indian side returned fire the following day.

Hackers from both the nations hacked the websites and posted flags of the respective countries on the targeted websites.

Two Pakistani groups Pak Cyber Army and PakHaxors started the attack. As per zone-h data, these groups have defaced around 10-20 websites. The counter attack from the Indian side was led by Indishell and Indian Cyber Army who claim to have defaced 1,226 Pakistani websites. Zone-h data confirms the figure is more than 1,000 website.

10:1000 :lol:



Happy Birthday To CRAZY009 From Indishell & Freehacking Team

How Indian Hackers Celebrates BirthDay? By Defacing Pakistani Website
Image

Friends, today is 25th August & CRAZY009 Birthday. He is active member of INDIAN CYBER ARMY official forum http://indishell.in

On Behalf of INDISHELL 3thicalnoob gave him a small gift. That gift is to greet him by hacking a Pakistani website.

3thicalnoob Hacked Pakistani classifieds official website http://pakadverts.com/

The link of Hacked page on which Indishell team wished him Happy Birthday is:
http://pakadverts.com/crazy009.html

NOTE: In my life time ever, I have seen first time to greet someone like this. This is awesome. This is really a priceless. Now CRAZY009 will get famous in cyber world and so many ppl will remember this date 25th August.

CRAZY009 - Wish you a Very best & many more happy returns of the day..!!! On behalf of FREEHACKING DOT NET TEAM

Happy b'day Crazy Have a blast enjoy the day..!!



Indian Cyber Army Hacked Pakistan Political Server http://www.freehacking.net/2010/08/indi ... istan.html

More exploits published at http://www.freehacking.net
Manish_P
BRF Oldie
Posts: 5383
Joined: 25 Mar 2010 17:34

Re: Indian Cyber Warfare Discussion

Post by Manish_P »

MoD, services to review use of digital storage

Even as Chinese and Pakistani online espionage agents continue their attempts to hack into Indian computer systems, hostile intelligence agencies are also trying to steal defence secrets through use of computer storage media (CSM) devices like pen drives, removable hard disks, CDs, VCDs and the like.

The Intelligence Bureau has sounded a red alert about "intelligence officers of a hostile country'' encouraging their "assets'' working in Indian defence establishments to use CSM devices to pilfer classified information from computer networks.

The Defence Information Assurance and Research Agency (DIARA), a nodal agency mandated to deal with all cyber-security matters, for instance, is working closely with national agencies like the Computer Emergency Response Team and the National Technical Research Organisation. The armed forces, on their part, are also on a high alert to guard against "focussed large-scale cyber attacks'' on their networks.

Full article - http://timesofindia.indiatimes.com/indi ... 507747.cms
Vashishtha
BRFite
Posts: 269
Joined: 12 Jun 2010 23:06
Location: look behind you

Re: Indian Cyber Warfare Discussion

Post by Vashishtha »

this website is definetly on the list of hackers. hope we are not vunerable
JTull
BRF Oldie
Posts: 3113
Joined: 18 Jul 2001 11:31

Re: Indian Cyber Warfare Discussion

Post by JTull »

This news is big!
http://www.ft.com/cms/s/0/e9d3a662-c740 ... ab49a.html

Warning over malicious computer worm: Stuxnet

A piece of highly sophisticated malicious software that has infected an unknown number of power plants, pipelines and factories over the past year is the first program designed to cause serious damage in the physical world, security experts are warning.

The Stuxnet computer worm spreads through previously unknown holes in Microsoft’s Windows operating system and then looks for a type of software made by Siemens and used to control industrial components, including valves and brakes.

Stuxnet can hide itself, wait for certain conditions and give new orders to the components that reverse what they would normally do, the experts said. The commands are so specific that they appear aimed at an industrial sector, but officials do not know which one or what the affected equipment would do.

While cyber attacks on computer networks have slowed or stopped communication in countries such as Estonia and Georgia, Stuxnet is the first aimed at physical destruction and it heralds a new era in cyberwar.

At a closed-door conference this week in Maryland, Ralph Langner, a German industrial controls safety expert, said Stuxnet might be targeting not a sector but perhaps only one plant, and he speculated that it could be a controversial nuclear facility in Iran.

According to Symantec, which has been investigating the virus and plans to publish details of the rogue commands on Wednesday, Iran has had far more infections than any other country.

“It is not speculation that this is the first directed cyber weapon”, or one aimed at a specific real-world process, said Joe Weiss, a US expert who has testified to Congress on technological security threats to the electric grid and other physical operations. “The only speculation is what it is being used against, and by whom.”

Experts say Stuxnet’s knowledge of Microsoft’s Windows operating system, the Siemens program and the associated hardware of the target industry make it the work of a well-financed, highly organised team.

They suggest that it is most likely associated with a national government and that terrorism, ideological motivation or even extortion cannot be ruled out.

Stuxnet began spreading more than a year ago but research has been slow because of the complexity of the software and the difficulty in getting the right industry officials talking to the right security experts.

Microsoft has patched the vulnerabilities in Windows but experts remain concerned because of the worm’s ability to hind once it is in a system.

Experts have only begun publishing more of their analyses in the last few weeks, hoping that such steps will get more answers from private companies and government leaders.

Siemens said that since July 15, when it first learnt about Stuxnet, 15 of its customers had reported being infected by the worm. The company would not name the customers but said that five were in Germany and the rest were spread around the world. Siemens said critical infrastructure had not been affected by the virus and in each case the worm had been removed.

The German conglomerate said it had offered its customers a fix for the virus and that since the Stuxnet virus was detected, there had been 12,000 downloads of its anti-virus software.
What's the point in comparing how many Su-30 or MMRCA or balistic missiles we have when this kind of technology can make a country to a ground to halt in case of escalation of conflict. Just look at the energy and telecom equipment we're buying from China. Their object (wrt India) may not be to spy but to damage. The grid crash in US couple of years ago maybe just the test example.
wig
BRF Oldie
Posts: 2162
Joined: 09 Feb 2009 16:58

Re: Indian Cyber Warfare Discussion

Post by wig »

Newsmagazine TIme carries an article of interest.
the article is quite long, but i opine that it needs to be read in full. selective quotes do not do justice to cyber espionage
When he uncovered the Titan Rain routers in Guangdong, he carefully installed a homemade bugging code in the primary router's software. It sent him an e-mail alert at an anonymous Yahoo! account every time the gang made a move on the Net. Within two weeks, his Yahoo! account was filled with almost 23,000 messages, one for each connection the Titan Rain router made in its quest for files. He estimates there were six to 10 workstations behind each of the three routers, staffed around the clock. The gang stashed its stolen files in zombie servers in South Korea, for example, before sending them back to Guangdong. In one, Carpenter found a stockpile of aerospace documents with hundreds of detailed schematics about propulsion systems, solar paneling and fuel tanks for the Mars Reconnaissance Orbiter, the NASA probe launched in August. On the night he woke at 2, Carpenter copied a huge collection of files that had been stolen from Redstone Arsenal, home to the Army Aviation and Missile Command. The attackers had grabbed specs for the aviation-mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air Force.

http://www.time.com/time/magazine/artic ... -5,00.html
The Invasion of the Chinese Cyberspies
Dmurphy
BRFite
Posts: 1543
Joined: 03 Jun 2008 11:20
Location: India

Re: Indian Cyber Warfare Discussion

Post by Dmurphy »

Raghavendra wrote:Got this from http://www.freehacking.net
Holy Shit!!! Take off this link at once. Look at what the url says...and look where it leads. And it asks for your entire email id and password. Not sure if its wise divulging such sensitive things to a website which openly promotes hacking!
sum
BRF Oldie
Posts: 10195
Joined: 08 May 2007 17:04
Location: (IT-vity && DRDO) nagar

Re: Indian Cyber Warfare Discussion

Post by sum »

When he uncovered the Titan Rain routers in Guangdong, he carefully installed a homemade bugging code in the primary router's software. It sent him an e-mail alert at an anonymous Yahoo! account every time the gang made a move on the Net. Within two weeks, his Yahoo! account was filled with almost 23,000 messages, one for each connection the Titan Rain router made in its quest for files. He estimates there were six to 10 workstations behind each of the three routers, staffed around the clock. The gang stashed its stolen files in zombie servers in South Korea, for example, before sending them back to Guangdong. In one, Carpenter found a stockpile of aerospace documents with hundreds of detailed schematics about propulsion systems, solar paneling and fuel tanks for the Mars Reconnaissance Orbiter, the NASA probe launched in August. On the night he woke at 2, Carpenter copied a huge collection of files that had been stolen from Redstone Arsenal, home to the Army Aviation and Missile Command. The attackers had grabbed specs for the aviation-mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air Force.
How in $#%^ name is China not able to manufacture everything under the sun and is still importing most hi-tech equipment when it is able to get hold of blueprints of virtually anything
it wants via its massive army of cyber and HUMINT networks?

Cant even imagine how much info of GoI has been taken by the Chinese if a superpower like the US is loosing data left and right!!!
dinesha
BRFite
Posts: 1211
Joined: 01 Aug 2004 11:42
Location: Delhi

Re: Indian Cyber Warfare Discussion

Post by dinesha »

Stuxnet Computer Worm May Target Iranian Nuclear Sites, Researcher Says
http://www.bloomberg.com/news/2010-09-2 ... -says.html
A computer worm that has infected industrial computers around the world may be part of a campaign targeting nuclear installations in Iran, computer-security researchers said.

The highest concentration of affected systems -- almost 60 percent -- is in that country, according to data from Symantec Corp., the computer-security software maker. The worm’s sophisticated programming and ability to hide itself suggest it may have been built by a government-sponsored organization in a country such as the U.S. or Israel, said Frank Rieger, technology chief at GSMK, a maker of encrypted mobile phones.

He estimated that building the worm cost at least $3 million and required a team of as many as 10 skilled programmers working about six months.


“All the details so far to me scream that this was created by a nation-state,” Rieger said in a telephone interview. Iran’s nuclear facilities may have been targets, said Rieger and Richard Falkenrath, principal at the Chertoff Group, a Washington-based security advisory firm.

Iran, which has the world’s second-largest oil reserves, is under United Nations sanctions because it has refused to curtail uranium enrichment and the development of ballistic missiles that might carry a weapon. The country started a 1,000-megawatt nuclear-power reactor near the city of Bushehr in August.

‘Hides in Windows’

“It is theoretically possible that the U.S. government did this,” Falkenrath said during an interview today with Bloomberg Television. “But in my judgment, that’s a very remote possibility. It’s more likely that Israel did it.”

A message left at the Israeli embassy’s press office wasn’t immediately returned. The U.S. Department of Homeland Security, which is studying the worm, hasn’t identified its origins, a spokeswoman said.

The worm initially infects computers running several editions of Microsoft Corp.’s Windows, including older versions such as Windows 2000, and recent ones such as Windows 7, using one of four vulnerabilities known only to the worm’s creators, said Liam O Murchu, manager of North American security-response operations for Mountain View, California-based Symantec.

“It hides in Windows and then tries to spread itself to other computers running Windows,” O Murchu said. An infected computer shows no ill effects and the worm ensures that no software crashes, which is unusual, he said.

Specific System

As it spreads, the worm searches for connections to a device known as a programmable logic controller, which helps link Windows computers and computerized industrial-control systems, converting commands sent from the Windows machine into a format the industrial machines can understand. The worm targets industrial software made by Munich-based Siemens AG, researchers said.

Once an industrial machine is infected, the worm lies dormant until certain conditions in the machine are met, O Murchu said. For example, when the temperature of a certain component gets hot, the worm might prevent a cooling system from functioning. What conditions the worm waits for are unclear, he said.

‘It was designed to go after a specific system set up in a very specific way,” O Murchu said. “What we don’t yet know is where such a system exists in the real world.”

Siemens’ Software Fix

Symantec estimated in July that 14,000 individual computers connected to the Internet worldwide had shown signs of Stuxnet infections. The highest concentration -- 59 percent -- were in Iran; 18 percent were in Indonesia; 8 percent in India and less than 2 percent in the U.S.

Siemens learned of the worm in July and issued software within a week to detect and remove it, said Alexander Machowetz, a company spokesman in Erlangen, Germany. The fix was downloaded 12,000 times, and 15 customers said they were affected.

No new cases of Stuxnet infections have been reported since the end of August, and Siemens was not able to determine the worm’s country of origin, Machowetz said.

The U.S. Department of Homeland Security has been running the worm on test systems to monitor its patterns since July, said Amy Kudwa, a department spokeswoman.

‘Preventing the Spread’

“The focus is one of mitigating and preventing the spread,” she said. “It is the first malware we have seen that specifically targets control systems.”

While the department hasn’t concentrated on tracking the origins, “we cannot validate the claims of attribution,” Kudwa said.

Microsoft teamed up with researchers at Symantec and at Kasperksy Lab, a Moscow-based antivirus software firm, to create a removal tool for Stuxnet, Jerry Bryant, group manager for the Redmond, Washington-based company’s response communications, said in a company blog post dated Sept. 13. Since then “the threat has gone way down from the spike we saw in early August,” Bryant wrote.

Symantec plans to publish more details from its analysis of the worm at the Virus Bulletin International Conference in Vancouver on Sept. 29.

There is historical precedent for cyber attacks by nation- states, according to a 2004 book by a former U.S. Air Force secretary.

Spies working for the U.S. Central Intelligence Agency inserted malicious software into computer-control systems for a Soviet natural-gas pipeline in Siberia, Thomas C. Reed wrote in “At The Abyss: An Insider’s History Of The Cold War.”

Ultimately the effort caused a massive explosion, said Reed, who was Air Force Secretary in the 1970s and later advised President Ronald Reagan on national security policy.
vipins
BRFite
Posts: 471
Joined: 12 Jun 2008 17:46

Re: Indian Cyber Warfare Discussion

Post by vipins »

Not exactly warfare but still...

New Orkut Virus
Bom Sabado is an orkut virus affecting profiles of many. Those who are affected by this virus are advised to change password and security question. Log out immediately and also clear the cookies and history.Users are also advised not to open Orkut account until the problem solved.
News link
Manish_P
BRF Oldie
Posts: 5383
Joined: 25 Mar 2010 17:34

Re: Indian Cyber Warfare Discussion

Post by Manish_P »

Stuxnet to target China, India ?

Link: http://www.indianexpress.com/news/web-s ... rt/688810/

Some Key points :
"This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data. It will seriously threaten pillar industries in China," said Wang, an engineer at the Beijing-headquartered Rising International Software company.
Globally, the worm has been found to target Siemens systems mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, the report said.
According to Wang, there might be large financial groups and nations behind the malicious software.
Eugene Kaspersky, co-founder of security firm Kaspersky said the Stuxnet worm could prove that "we have now entered the age of cyber-warfare." "I think that this is the turning point... because in the past there were just cyber-criminals, now I am afraid it is the time of cyber-terrorism, cyber-weapons and cyber-wars," Kaspersky said.
arun
BRF Oldie
Posts: 10248
Joined: 28 Nov 2002 12:31

Re: Indian Cyber Warfare Discussion

Post by arun »

Manish_P wrote:Stuxnet to target China, India ?

Link: http://www.indianexpress.com/news/web-s ... rt/688810/
Maybe the Peoples Republic of China was not the target but rather the initiator of an attack targetting India.

X Posted.

Jeffrey Carr in a column written for Forbes Magazine and posted on their blog site speculates that the India’s INSAT 4 B Satellite may have been the real target of the attack by the Stuxnet worm initiated by the Peoples Republic of China :
Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?

Posted by JEFFREY CARR

On July 7, 2010, a power glitch in the solar panels of India’s INSAT-4B satellite resulted in 12 of its 24 transponders shutting down. .......................

Once it became apparent that INSAT-4B was effectively dead, SunDirect ordered its servicemen to redirect customer satellite dishes to point to ASIASAT-5, a Chinese satellite owned and operated by Asia Satellite Telecommunications Co., Ltd (AsiaSat). AsiaSat’s two primary shareholders are General Electric and China International Trust and Investment Co. (CITIC), a state-owned company. China and India are competing with each other to see who will be the first to land another astronaut on the Moon. China has announced a date of 2025 while India is claiming 2020.

What does this have to do with the Stuxnet worm that’s infected thousands of systems, mostly in India and Iran? India’s Space Research Organization is a Siemens customer. According to the resumes of two former engineers who worked at the ISRO’s Liquid Propulsion Systems Centre, the Siemens software in use is Siemens S7-400 PLC and SIMATIC WinCC, both of which will activate the Stuxnet worm.

I uncovered this information as part of my background research for a paper that I’m presenting at the Black Hat Abu Dhabi conference in November. ......................

Forbes Blog
JTull
BRF Oldie
Posts: 3113
Joined: 18 Jul 2001 11:31

Re: Indian Cyber Warfare Discussion

Post by JTull »

Interesting theory!
kit
BRF Oldie
Posts: 6278
Joined: 13 Jul 2006 18:16

Re: Indian Cyber Warfare Discussion

Post by kit »

Timely thread.Why not let some white hackers lend their expertise to promote more technical awareness in some way through BRF .For example if i am stuck with a bsnl ZTE network adapter, is there any way i can know that it is being used remotely by any other person ?
It would be interesting to have a list of all chinese stuff around and how they might be compromised. And ways to prevent and neutralize those threats.
bhart
BRFite -Trainee
Posts: 41
Joined: 22 May 2002 11:31
Location: New Delhi
Contact:

Re: Indian Cyber Warfare Discussion

Post by bhart »

Stuxnet brings more new tricks to cyberwar
This raises the question of whether the virus' author might originate from the East, rather than from the West. India and China are, for example, fierce rivals and China has amply demonstrated its cyberwar capabilities in incidents such as the penetration of parts of the US power grid in 2003. Such incidents are likely to have given the Chinese a very clear picture of the effect attacks on critical infrastructure can have, and they are likely to have used this knowledge to protect their own industrial systems. According to McAfee, China leads the world in SCADA system security.
I am quite surprised that the Indian media hasn't picked up on this line. Is this what the IB was referring to when it warned against USB use (the systems were apparently first infected via USBs as per some articles)?
nits
BRFite
Posts: 1155
Joined: 01 May 2006 22:56
Location: Some where near Equator...

Re: Indian Cyber Warfare Discussion

Post by nits »

World's first 'cyber superweapon' attacks China
A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

It has wreaked havoc in China, infecting millions of computers around the country, state media reported this week. Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves.

It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction. The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
Post Reply