Bharat Rakshak

Consortium of Indian Defence Websites

All times are UTC + 5:30 hours




PostPosted: 30 May 2012 08:37 
Offline
BRFite

Joined: 09 Feb 2009 16:58
Posts: 822
Flame: The world's most complex computer virus, possessing a range of complex espionage capabilities, including the ability to secretly record conversations, has been exposed.
http://www.telegraph.co.uk/news/worldne ... posed.html
Quote:
Kaspersky Labs said the programme appeared to have been released five years ago and had infected machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
"If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don't know about," Roel Schouwenberg, a Kaspersky security senior researcher, said.
Professor Alan Woodward from the department of computing at the University of Surrey said the virus was extremely invasive. It could "vacuum up" information by copying keyboard strokes and the voices of people nearby.
"This wasn't written by some spotty teenager in his/her bedroom. It is large, complicated and dedicated to stealing data whilst remaining hidden for a long time," he said.
The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. Iran's output of uranium suffered a severe blow as a result of the Stuxnet activities.
Mr Schouwenberg said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu.
Iran's Computer Emergency Response Team said it was "a close relation" of Stuxnet, which has itself been linked to Duqu, another complicated information-stealing virus believed to be the work of state intelligence.
It said organisations had been given software to detect and remove the newly-discovered virus at the beginning of May.
Crysys Lab, which analyses computer viruses at Budapest University, said the technical evidence for a link between Flame and Stuxnet or Duqu was inconclusive.
The newly-discovered virus does not spread itself automatically but only when hidden controllers allow it.
Unprecedented layers of software allow Flame to penetrate remote computer networks undetected.
The file, which infects Microsoft Windows computers, has five encryption algorithms, exotic data storage formats and the ability to steal documents, spy on computer users and more.
Components enable those behind it, who use a network of rapidly-shifting "command and control" servers to direct the virus, to turn microphones into listening devices, siphon off documents and log keystrokes.
Eugene Kaspersky, the founder of Kaspersky Lab, noted that "it took us 6 months to analyse Stuxnet. [This] is 20 times more complicated".
Once a machine is infected additional modules can be added to the system allowing the machine to undertake specific tracking projects.


 
PostPosted: 31 May 2012 11:33 
Offline
BRFite

Joined: 28 Sep 2009 00:01
Posts: 158
Some more Flame... :P :P

http://www.thehindu.com/todays-paper/tp-international/article3471007.ece

Quote:
A Russian computer firm has discovered a new computer virus with unprecedented destructive potential that chiefly targets Iran and could be used as a “cyberweapon” by the West and Israel.

Iran appears to have been the main target of the attack and the announcement comes just a month after the Islamic Republic said it halted the spread of a data-deleting virus targeting computer servers in its oil sector.

Kaspersky said the virus was several times larger than the Stuxnet worm that was discovered in 2010 and targeted the Iranian nuclear programme, reportedly at the behest of Western or Israeli security agencies.


 
PostPosted: 04 Jun 2012 10:39 
Offline
BRFite

Joined: 20 Aug 2009 19:20
Posts: 1867
Location: Lone Star State
Aaryan wrote:
Some more Flame... :P :P

http://www.thehindu.com/todays-paper/tp-international/article3471007.ece

Quote:
A Russian computer firm has discovered a new computer virus with unprecedented destructive potential that chiefly targets Iran and could be used as a “cyberweapon” by the West and Israel.

Iran appears to have been the main target of the attack and the announcement comes just a month after the Islamic Republic said it halted the spread of a data-deleting virus targeting computer servers in its oil sector.

Kaspersky said the virus was several times larger than the Stuxnet worm that was discovered in 2010 and targeted the Iranian nuclear programme, reportedly at the behest of Western or Israeli security agencies.


Russian computer firm, my foot... Kaspersky is all american as hot dogs... Anyway... It is Chindu licking its Commie masters boots...

Wonder how many instances of Flame were found in India...


 
PostPosted: 04 Jun 2012 11:04 
Offline
BRFite

Joined: 28 Sep 2009 00:01
Posts: 158
Flame explained

Quote:
http://www.rt.com/news/flame-virus-cyber-war-536/


Quote:
It’s pretty advanced – one of the most sophisticated [examples of] malware we’ve ever seen. Even its size – it’s over 20 megabytes if you sum up all the sizes of the modules that are part of the attacking toolkit. It’s very big compared to Stuxnet, which was just hundreds of kilobytes of code: it’s over 20 megabytes. And the Stuxnet analysis took us several months, so you can imagine that a full analysis of this threat may take us up to a year. So we think it is one of the most sophisticated malware [programs] out there.

It’s also quite unique in the way it steals information. It’s possible to steal different types of information with the help of this spyware tool. It can record audio if a microphone is attached to the infected system, it can do screen captures and transmit visual data. It can steal information from the input boxes when they are hidden behind asterisks, password fields; it can get information from there. Also it can scan for locally visible Bluetooth devices if there is a Bluetooth adapter attached to the local system.


 
PostPosted: 04 Jun 2012 23:19 
Offline
BRF Oldie

Joined: 09 Jan 2010 13:30
Posts: 6661
Just tracing some hacking attempts led to the following results.

Code:
IP Information - 119.154.108.51
IP address:                     119.154.108.51
Reverse DNS:                    [No reverse DNS entry per is-dns01.ptcl.net.]
Reverse DNS authenticity:       [Unknown]
ASN:                            17557
ASN Name:                       PKTELECOM-AS-PK (Pakistan Telecommunication Company Limited)
IP range connectivity:          6
Registrar (per ASN):            APNIC
Country (per IP registrar):     PK [Pakistan]
Country Currency:               PKR [Pakistan Rupees]
Country IP Range:               [b]119.152.0.0 to 119.159.255.255[/b]
[b]Country fraud profile:          High[/b]
City (per outside source):      Islamabad, Islamabad
Country (per outside source):   PK [Pakistan]
Private (internal) IP?          No
IP address registrar:           whois.arin.net
Known Proxy?                    No
Link for WHOIS:                 [b]119.154.108.51[/b]

Hacking attempt originated from the last IP.
There is some China connection as well originating from Fujian with IP numbers starting from

27
243
244
112 ?
220

Just for info and be cautious.


 
PostPosted: 07 Jun 2012 16:21 
Offline
BRF Oldie

Joined: 06 Apr 2009 13:23
Posts: 5278
Shrinivasan wrote:
Russian computer firm, my foot... Kaspersky is all american as hot dogs... Anyway... It is Chindu licking its Commie masters boots...


No ...

Quote:
Kaspersky Lab is an international group that operates in more than 100 countries worldwide. The company’s headquarters are located in Moscow, Russia, from which it oversees global operations and business development.

http://www.kaspersky.com/about


Flame uses a man-in-the-middle vector that exploits the Windows update mechanism and a fake Microsoft certificate (http://www.f-secure.com/weblog/archives/00002377.html).

Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).


 
PostPosted: 07 Jun 2012 18:47 
Offline
BRFite

Joined: 18 Jun 2008 00:51
Posts: 313
Location: 1/2 way between the gutter and the stars
Pranav wrote:
Shrinivasan wrote:
Russian computer firm, my foot... Kaspersky is all american as hot dogs... Anyway... It is Chindu licking its Commie masters boots...


No ...

Quote:
Kaspersky Lab is an international group that operates in more than 100 countries worldwide. The company’s headquarters are located in Moscow, Russia, from which it oversees global operations and business development.

http://www.kaspersky.com/about


Flame uses a man-in-the-middle vector that exploits the Windows update mechanism and a fake Microsoft certificate (http://www.f-secure.com/weblog/archives/00002377.html).

Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).


Yes, cause Linux doesn't have any security flaws and doesn't let you spoof a certificate #sarcasm

P.S. MSFT has stopped issuing certs using terminal, and is patching the hole. Zero day exploits exist for all software.
P.P.S. MSFT is one of the top 10 contributors of code to Linux, FYI


 
PostPosted: 08 Jun 2012 06:50 
Offline
BRF Oldie

Joined: 06 Apr 2009 13:23
Posts: 5278
Raveen wrote:
Quote:
Flame uses a man-in-the-middle vector that exploits the Windows update mechanism and a fake Microsoft certificate (http://www.f-secure.com/weblog/archives/00002377.html).

Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).


Yes, cause Linux doesn't have any security flaws and doesn't let you spoof a certificate #sarcasm


How are you going to do a man in the middle attack if I am issuing my own updates from my own server with my own certificates from my own certificate authority? All very possible for GoI. Source code for updates can be taken from a provider like Red Hat or Ubuntu, checked, compiled and then put up for distribution.

Obviously one has to assume that this attack had full support of corporate insiders in MS and elsewhere.


 
PostPosted: 08 Jun 2012 10:35 
Offline
BRFite -Trainee

Joined: 15 Apr 2009 20:32
Posts: 16
Not necessarily. If the certificate authority is hacked and the certificates stolen, the hackers can then use them to do a man in the middle attack. Since almost all the security is dependent on the integrity of the digital certificates, if they are compromised, in the short term the attacker can install all he wants without detection. Recently a certificate authority was hacked and a Man in the Middle attack was performed on various sites including gmail.
https://www.eff.org/deeplinks/2011/09/post-mortem-iranian-diginotar-attack


 
PostPosted: 08 Jun 2012 11:11 
Offline
BRF Oldie

Joined: 10 Sep 2007 05:57
Posts: 3226
Location: Loud, Proud American
Pranav wrote:
Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).

:rotfl:
Most linux distros allow binary-only device drivers in the system. Lord only knows what people have put in there. And then there was an attempt to introduce a hole into the wait4() system call in the kernel code a few years ago. Luckily it was caught before too much damage was done, but who knows what else is lurking like this. Link to the hack attempt in case you guys are interested in the actual code inserted. Note that this person who inserted the code did it very cleverly, so that if the caller passes two special option values which are NOT documented as options to be used in the wait4() manual page, the call returns immediately an error code (EINVAL), but also upgrades the caller to root privileges. And the attacker put extra parens around the expression, so that the shady expression (using = instead of == in the if statement) would not cause the C compiler to issue a warning about the expression.

Also, how do you trust the C compiler that you're using to build your OS?? Maybe the backdoor is in there. You might wish to read Ken Thompson's speech called "Reflections on Trusting Trust", where he described a backdoor he'd put into UNIX a long time ago, which went undetected for years (Ken Thompson was one of UNIX's creators). What he'd done was modify the login program to allow anyone who knew a special password to log into the system, regardless of whether they had an account on the system or not. So you figure that you can recompile the login program from the C source code and it should be fixed, right? Well, he put a few lines of code into the C compiler so that it would recognize that it was compiling the login program and reinsert the backdoor into it. So now you figure you have to recompile the C compiler from sources. Well, he put some additional code into the C compiler so that it would recognize that it was compiling itself and reinsert the login backdoor code as well as the code to recognize it was compiling a C compiler back into it. Once he'd crocked the compiler's binary code, he removed the malicious source code from the C compiler and login program and recompiled everything so that the only traces of his hack were in the C compiler binary executable and the source code had no traces of his backdoor.

If you want an OS distro that doesn't allow binary only drivers into the kernel, look no further than http://www.openbsd.org/ :).


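Added example, not part of the thread or of any project's code: a small Python scanner for the pattern described in the post above, an assignment (`=` where `==` belongs) inside an `if`/`while` condition, reported no matter how many parentheses wrap it. It goes slightly beyond the post by also catching compound assignments and by marking writes to credential-like fields; the C sample is constructed, and `OPT_A`, `OPT_B`, `check()` and `read_some()` are hypothetical names.

```python
import re
from typing import List, NamedTuple

# Constructed sample (not real kernel code): OPT_A, OPT_B, check() and
# read_some() are hypothetical names used only to exercise the scanner.
SAMPLE_C = """\
/* constructed sample for the scanner */
struct task { int uid; int state; };
int check(struct task *current, int options, int fd, const char *name)
{
    int retval = 0, n;
    if (options == OPT_A)            /* ordinary comparison */
        retval = 1;
    if ((options == (OPT_A | OPT_B)) && (current->uid = 0))
        retval = -EINVAL;
    while ((n = read_some(fd)) > 0)  /* common, benign idiom */
        retval += n;
    if (strcmp(name, "a=b") == 0)    // '=' inside a string literal
        retval = 2;
    return retval;
}
"""

# Field names whose modification inside a condition deserves immediate review.
SENSITIVE_FIELDS = {"uid", "euid", "suid", "fsuid", "gid", "egid", "sgid", "fsgid"}

_NOISE = re.compile(
    r'/\*.*?\*/|//[^\n]*'          # block and line comments
    r'|"(?:\\.|[^"\\\n])*"'        # string literals
    r"|'(?:\\.|[^'\\\n])*'",       # character literals
    re.S,
)
_COND = re.compile(r'\b(?:if|while)\s*\(')
# An lvalue followed by '=' or a compound assignment, but never '==', '!=', '<=', '>='.
_ASSIGN = re.compile(
    r'([A-Za-z_](?:\w|->|\.|\[[^\]]*\])*)\s*(?:<<|>>|[-+*/%&|^])?=(?!=)'
)


class Finding(NamedTuple):
    line: int        # 1-based line of the assignment
    lvalue: str      # what is being written
    sensitive: bool  # True when the target is a credential-like field
    condition: str   # the whole condition, whitespace-normalised


def _blank(match: "re.Match") -> str:
    """Replace comments/literals with spaces, keeping newlines for line numbers."""
    return re.sub(r'[^\n]', ' ', match.group())


def find_assignments_in_conditions(source: str) -> List[Finding]:
    clean = _NOISE.sub(_blank, source)
    findings = []
    for kw in _COND.finditer(clean):
        start = kw.end() - 1              # index of the opening '('
        depth = 0
        for i in range(start, len(clean)):
            if clean[i] == '(':
                depth += 1
            elif clean[i] == ')':
                depth -= 1
                if depth == 0:
                    break
        else:
            continue                      # unbalanced parentheses: skip
        cond = clean[start + 1:i]
        for m in _ASSIGN.finditer(cond):
            line = clean.count('\n', 0, start + 1 + m.start()) + 1
            lvalue = m.group(1)
            field = re.split(r'->|\.', lvalue)[-1]
            findings.append(
                Finding(line, lvalue, field in SENSITIVE_FIELDS, ' '.join(cond.split()))
            )
    return findings


if __name__ == "__main__":
    for f in find_assignments_in_conditions(SAMPLE_C):
        level = "REVIEW NOW" if f.sensitive else "check"
        print(f"line {f.line}: [{level}] writes {f.lvalue} inside: {f.condition}")
```

The benign `while ((n = ...))` idiom is reported as well, which is why writes to credential fields are marked separately for review.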
 
PostPosted: 08 Jun 2012 22:33 
Offline
BRFite

Joined: 18 Jun 2008 00:51
Posts: 313
Location: 1/2 way between the gutter and the stars
Pranav wrote:
Quote:
Flame uses a man-in-the-middle vector that exploits the Windows update mechanism and a fake Microsoft certificate (http://www.f-secure.com/weblog/archives/00002377.html).

Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).




How are you going to do a man in the middle attack if I am issuing my own updates from my own server with my own certificates from my own certificate authority? All very possible for GoI. Source code for updates can be taken from a provider like Red Hat or Ubuntu, checked, compiled and then put up for distribution.

Obviously one has to assume that this attack had full support of corporate insiders in MS and elsewhere.



You've got to be high to assume that MSFT was involved.
Moreover, MS and other security experts have come forward and described how this attack happened (and it was a man in the middle with spoofed certs) and have described how they are patching to prevent it... Bing it, you'll read Mark Russinovich's blog about it, he is the new Dave Cutler for the most part and describes in detail how these attacks happened.


 
PostPosted: 06 Jul 2012 02:26 
Offline
BRF Oldie

Joined: 31 Oct 2005 06:06
Posts: 3372
Location: Dark Side of the Moon
Cyber Neanderthals


 
PostPosted: 07 Jul 2012 08:15 
Offline
BRF Oldie

Joined: 06 Apr 2009 13:23
Posts: 5278
deleted ..........


Last edited by Pranav on 07 Jul 2012 12:58, edited 3 times in total.

 
PostPosted: 07 Jul 2012 08:30 
Offline
BRF Oldie

Joined: 06 Apr 2009 13:23
Posts: 5278
ArmenT wrote:
Pranav wrote:
Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).

:rotfl:
Most linux distros allow binary-only device drivers in the system. Lord only knows what people have put in there. And then there was an attempt to introduce a hole into the wait4() system call in the kernel code a few years ago. Luckily it was caught before too much damage was done, but who knows what else is lurking like this. Link to the hack attempt in case you guys are interested in the actual code inserted. Note that this person who inserted the code did it very cleverly, so that if the caller passes two special option values which are NOT documented as options to be used in the wait4() manual page, the call returns immediately an error code (EINVAL), but also upgrades the caller to root privileges. And the attacker put extra parens around the expression, so that the shady expression (using = instead of == in the if statement) would not cause the C compiler to issue a warning about the expression.

Also, how do you trust the C compiler that you're using to build your OS?? Maybe the backdoor is in there. You might wish to read Ken Thompson's speech called "Reflections on Trusting Trust", where he described a backdoor he'd put into UNIX a long time ago, which went undetected for years (Ken Thompson was one of UNIX's creators). What he'd done was modify the login program to allow anyone who knew a special password to log into the system, regardless of whether they had an account on the system or not. So you figure that you can recompile the login program from the C source code and it should be fixed, right? Well, he put a few lines of code into the C compiler so that it would recognize that it was compiling the login program and reinsert the backdoor into it. So now you figure you have to recompile the C compiler from sources. Well, he put some additional code into the C compiler so that it would recognize that it was compiling itself and reinsert the login backdoor code as well as the code to recognize it was compiling a C compiler back into it. Once he'd crocked the compiler's binary code, he removed the malicious source code from the C compiler and login program and recompiled everything so that the only traces of his hack were in the C compiler binary executable and the source code had no traces of his backdoor.

If you want an OS distro that doesn't allow binary only drivers into the kernel, look no further than http://www.openbsd.org/ :).


Right, this shows how you have to build everything from ground up, if you want to be safe.

Now there is a new initiative coming up called Unified Extensible Firmware Interface (UEFI) (see http://en.wikipedia.org/wiki/Unified_Ex ... _Interface) by which the BIOS will check digital signatures of OS components before loading them. This is supposed to mitigate the danger of very low level deeply embedded malware. (Obviously one can still have even lower level Trojans, built into the hardware itself.)

The problem is that everything will be based on keys registered at the Microsoft registry, which is an ab-initio risk.

See posts by Red Hat and Ubuntu.


 
PostPosted: 09 Jul 2012 06:38 
Offline
BRF Oldie

Joined: 06 Apr 2009 13:23
Posts: 5278
Raveen wrote:
You've got to be high to assume that MSFT was involved.
Moreover, MS and other security experts have come forward and described how this attack happened (and it was a man in the middle with spoofed certs) and have described how they are patching to prevent it... Bing it, you'll read Mark Russinovich's blog about it, he is the new Dave Cutler for the most part and describes in detail how these attacks happened.


And what is the proof of Russinovich's claim of a laboriously generated MD5 hash collision? Why couldn't the attackers have simply used the internal private key, or do so in the future?

Zuckerberg has an appropriate description for such trusting folks - "Facebook CEO Admits To Calling Users ‘Dumb F**ks’"


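Added example, not part of the thread: the MD5 collision mentioned in the post above is the reason certificate audits flag collision-prone signature hashes. This Python code reads the signature algorithm OID from a DER-encoded certificate, checks that the outer field matches the copy inside the signed portion, and flags MD2, MD5 and SHA-1 (going beyond the MD5 case named in the thread). The skeleton certificates are constructed test data, not real certificates, and all function names are chosen for this example.

```python
from typing import Optional, Tuple

# RSA signature algorithms built on hashes with known collision attacks.
WEAK_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
}


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, content, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short-form length
        length = first
    else:                                  # long-form length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("DER element runs past end of input")
    return tag, buf[pos:end], end


def decode_oid(content: bytes) -> str:
    if not content:
        raise ValueError("empty OBJECT IDENTIFIER")
    first_arc = min(content[0] // 40, 2)
    arcs = [first_arc, content[0] - 40 * first_arc]
    value = 0
    for byte in content[1:]:               # base-128, high bit = "more follows"
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def algorithm_oid(buf: bytes, pos: int) -> str:
    tag, alg, _ = read_tlv(buf, pos)
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier SEQUENCE")
    tag, oid, _ = read_tlv(alg, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return decode_oid(oid)


def signature_oids(cert_der: bytes) -> Tuple[str, str]:
    """Return (outer signatureAlgorithm, tbsCertificate.signature) OIDs."""
    tag, cert, _ = read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    tag, tbs, after_tbs = read_tlv(cert, 0)
    if tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    outer = algorithm_oid(cert, after_tbs)
    tag, _, nxt = read_tlv(tbs, 0)
    if tag == 0xA0:                        # optional explicit [0] version
        tag, _, nxt = read_tlv(tbs, nxt)
    if tag != 0x02:
        raise ValueError("expected serialNumber INTEGER")
    return outer, algorithm_oid(tbs, nxt)


def audit_certificate(cert_der: bytes) -> Tuple[str, str]:
    outer, inner = signature_oids(cert_der)
    if outer != inner:
        return ("mismatch", outer)         # the two fields must be identical
    if outer in WEAK_SIGNATURE_OIDS:
        return ("weak", WEAK_SIGNATURE_OIDS[outer])
    return ("ok", outer)


# --- constructed test data below: structural skeletons, not real certificates ---
MD5_RSA = bytes.fromhex("2a864886f70d010104")      # 1.2.840.113549.1.1.4
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")   # 1.2.840.113549.1.1.11


def tlv(tag: int, content: bytes) -> bytes:
    n = len(content)
    head = bytes([n]) if n < 0x80 else (
        bytes([0x80 | ((n.bit_length() + 7) // 8)])
        + n.to_bytes((n.bit_length() + 7) // 8, "big"))
    return bytes([tag]) + head + content


def skeleton_cert(outer_oid: bytes, inner_oid: Optional[bytes] = None) -> bytes:
    alg = lambda oid: tlv(0x30, tlv(0x06, oid) + b"\x05\x00")
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01")
              + alg(inner_oid or outer_oid))
    return tlv(0x30, tbs + alg(outer_oid) + tlv(0x03, b"\x00" + b"\xAA" * 128))


if __name__ == "__main__":
    for label, der in (("md5", skeleton_cert(MD5_RSA)), ("sha256", skeleton_cert(SHA256_RSA))):
        print(label, audit_certificate(der))
```

For a real PEM certificate, `ssl.PEM_cert_to_DER_cert()` from the standard library produces the DER bytes this check expects.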
 
PostPosted: 20 Aug 2012 09:43 
Offline
BRFite -Trainee

Joined: 15 Jan 2011 03:12
Posts: 56
x-post

That Pakistani run fake "Indian Defence Forum" is behind propaganda too


http://www.thehindu.com/news/national/a ... epage=true

-----

Fake forum getting exposed: http://defenceforumindia.com/forum/anno ... d-dfi.html. BRF thread viewtopic.php?f=16&t=6081


 
PostPosted: 16 Oct 2012 03:41 
Offline
BRFite

Joined: 18 Jun 2000 11:31
Posts: 1710
5 lakh cyber warriors to bolster India's e-defence
Quote:
NEW DELHI: Recognizing the threat of cyber attacks from a host of hostile entities — ranging from domestic saboteurs to foreign rivals — a new initiative intends to train five lakh cyber warriors in the next five years to meet a critical gap in India's defences.

A government-private sector plan will look at beefing up India's cyber security capabilities in the light of a group of experts reckoning that India faces a 4.7 lakh shortfall of such experts despite the country's reputation of being an IT and software powerhouse.

Efforts to draw a strategic plan for India, being overseen by National Security Advisor ( NSA) Shivshankar Menon, may need to be speeded up as India lags the research and planning leading western and Asian nations have already undertaken.

Cyber warfare has emerged a top threat to national security with India's systems subjected to an increasing number - and more sophisticated — cyber attacks. India faced a severe test during the 2010 Commonwealth Games when cyber attacks from Pakistan and China sought to damage information systems.

Most of the attacks India deals with originate from countries like the US, China, Russia, a few east European countries and Iran. Chinese hackers have targeted a large number of institutions, even stealing data from schools run by the armed forces.

A Canadian investigation in 2010 revealed that Chinese hackers had reached Indian missions at Kabul, Moscow, Dubai, Abuja, US, Serbia, Belgium, Germany, Cyprus, the UK and Zimbabwe. A machine at the National Security Council secretariat was tapped as were computers at military engineering services (MES).


 
PostPosted: 16 Oct 2012 07:12 
Offline
BRFite -Trainee

Joined: 22 Feb 2012 21:01
Posts: 33
Location: Bangalore
ankitash wrote:
x-post

That Pakistani run fake "Indian Defence Forum" is behind propaganda too


http://www.thehindu.com/news/national/a ... epage=true

-----

Fake forum getting exposed: http://defenceforumindia.com/forum/anno ... d-dfi.html. BRF thread viewtopic.php?f=16&t=6081


I was there in that forum, but when I found out that it was a fake and asked the MOD why he had to MASK his identity as PAKI and have an Indian Defence Forum instead (if his intentions were right he could have run the forum under his own nationality as a PAKI), he did not have any answer, and in spite of repeated probing he never replied...... that's how cheap those $OB's can go......


 
PostPosted: 01 Nov 2012 16:32 
Offline
BRFite

Joined: 15 Feb 2012 13:30
Posts: 561
DRDO, 5 other key government websites hacked, Algeria-based hackers blamed :evil: :evil: :(

Quote:
Several key government websites were hacked late on Wednesday night. These included the websites of DRDO and five other government departments hacked. A site hosted by the advisor to the Prime Minister was also hacked.

Algeria-based hackers have been blamed for the hacking. The message pasted on the websites after they had been compromised read: 'SanFour25, Algerian Hackers' minutes after the hacking.

The biggest hack was on the site of the Recruitment and Assessment Centre operated by the DRDO that deals with the recruitment of scientists to the several laboratories of the DRDO. The website was down for over 9 hours.


 
PostPosted: 03 Nov 2012 14:29 
Offline
BRFite

Joined: 13 Jul 2006 18:16
Posts: 973
I would think CIA


 
PostPosted: 14 Nov 2012 22:35 
Offline
BRFite

Joined: 12 Jun 2008 17:46
Posts: 299
X Post:
Quote:
Govt takes a call on preventing Chinese Trojans
Quote:
The government of India wants to promote domestic manufacturers of telecom products, as it is worried that foreign suppliers of telecom equipment, especially China, might indulge in cyber espionage during a crisis or war.
Quote:
The department has identified 18 hardware items used for telecommunications that will be put under a preferential market access category and that will be manufactured locally. They include SIM cards, base stations switching centres, network management systems, modems used for WiFi or 3G broadband services and EPABX boxes. The new rules are expected to come into force from April 1, 2013.
Though the government wants to achieve 100% dependence on domestic manufacturers, the shift will take place gradually. It will first be mandatory for all telecom companies to procure a minimum of 30% equipment from domestic manufacturers in the first year. This will go up to 45% by 2017 and so on.


 
PostPosted: 15 Jan 2013 16:26 
Offline
Forum Moderator

Joined: 05 May 2001 11:31
Posts: 14719
Location: Chennai
e-espionage: Op Red October against India
Quote:

India and several other countries including Russia, Europe and Central Asia have woken up to a new cyber espionage attack.

The Operation Red October, called Rocra for short, a stealth cyber attack, primarily targets government, diplomatic, public research institutions, nuclear research, aerospace and oil and gas companies.

Rocra is still active as of January 2013, and has been a sustained campaign dating back as far as 2007.

While the Russian Federation tops the list with 38 attacks, Kazakhstan (21), Belgium (16), Azerbaijan (15) and India (14) occupy the subsequent slots.

“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,” said a cyber security analyst with the Moscow-based security solutions firm Kaspersky.

The attackers often used information that they stole from infected networks, as a way to gain entry into additional systems. For example, stolen credentials were compiled in a list and used when the attackers needed to guess passwords or phrases to gain access to additional systems.

“To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries, with the majority being in Germany and Russia. The chain of servers was actually working as proxies in order to hide the location of the ‘mothership’ control server,” he said.


 
PostPosted: 17 Jan 2013 14:38 
Offline
BRFite -Trainee

Joined: 15 Apr 2009 20:32
Posts: 16
More info on how the red october hack was done for those who are interested.
https://www.securelist.com/en/blog/785/The_Red_October_Campaign_An_Advanced_Cyber_Espionage_Network_Targeting_Diplomatic_and_Government_Agencies


 
PostPosted: 22 Jan 2013 04:53 
Offline
Forum Moderator

Joined: 05 May 2001 11:31
Posts: 14719
Location: Chennai
India setting up a national cyber security architecture: NSA - Economic Times
Quote:
India is in the process of setting up a national cyber security architecture with the aim to prevent sabotage, espionage and other forms of attack that could hurt the country, National Security Advisor Shivshankar Menon said today.

He said the architecture, to protect critical information infrastructure and other networks, will involve monitoring, certification and assurance of India's networks by designated agencies and bodies in accordance with the law.

"It will also involve capacity and authority for operations in cyber space", Menon said delivering the Dr. Raja Ramanna lecture on India's external and internal security at the National Institute of Advanced Studies here.

"The goal is to prevent sabotage, espionage and other forms of cyber attacks that could hurt us", he said.

The National Security Council has approved the architecture in principle and implementation details are being worked out with the ministries and agencies, "which we hope to take to the Cabinet for approval soon", Menon said. A national cyber security coordinator in the National Security Council Secretariat (NSCS) will bring this work together.


 
PostPosted: 22 Jan 2013 09:18 
Offline
BRF Oldie

Joined: 01 Jan 1970 05:30
Posts: 22711
Location: Embarrassed by fresh-off-the-boat Indians
SSridhar wrote:
India setting up a national cyber security architecture: NSA - Economic Times
Quote:
India is in the process of setting up a national cyber security architecture with the aim to prevent sabotage, espionage and other forms of attack that could hurt the country, National Security Advisor Shivshankar Menon said today.

He said the architecture, to protect critical information infrastructure and other networks, will involve monitoring, certification and assurance of India's networks by designated agencies and bodies in accordance with the law.

"It will also involve capacity and authority for operations in cyber space", Menon said delivering the Dr. Raja Ramanna lecture on India's external and internal security at the National Institute of Advanced Studies here.

"The goal is to prevent sabotage, espionage and other forms of cyber attacks that could hurt us", he said.

The National Security Council has approved the architecture in principle and implementation details are being worked out with the ministries and agencies, "which we hope to take to the Cabinet for approval soon", Menon said. A national cyber security coordinator in the National Security Council Secretariat (NSCS) will bring this work together.


I attended this talk yesterday and will comment on it on some other thread. Menon pointed out that there is huge scope for people to enter into the fields of cryptology and cyber security in India. Tens of thousands of jobs will be available. But the government needs to attract young talent who tend to go abroad.


 
PostPosted: 22 Jan 2013 09:37 
Offline
BRF Oldie

Joined: 29 Oct 2003 12:31
Posts: 24421
Location: NowHere
best thought would be securing at the data source.. meaning every record is signed and encrypted as stored. the encrypted data is read, transferred etc... and stays encrypted. it can be opened only at the usage end point, challenged by multi-layer security protocol - biometric+authentication with timed decryption.

now all data need not be secured., or can have multi level security setup.


 
PostPosted: 29 Jan 2013 21:07 
Offline
BRF Oldie

Joined: 08 Aug 2006 18:43
Posts: 6685
IAF Nod To Offensive Hacking !! http://www.chhindits.blogspot.in/2013/0 ... cking.html http://twitpic.com/byy5km

Good news. This was already in place with IDS. Thanks to NSA for pushing this through.


 
PostPosted: 30 Jan 2013 02:56 
Offline
BRF Oldie

Joined: 27 Jul 2006 17:51
Posts: 9970
Location: Satte pe satta satte pe soot; Pakistan ki m@ ki ....
shiv wrote:
But the government needs to attract young talent who tend to go abroad.

Well, Govt. shoots itself in the foot by micromanaging stuff; good people in ITVTY are highly sought after, and the private head hunters pay a premium for a referral. I know for a fact that insider referrals can easily fetch you a 6 figure sum; point being, Govt. should outsource head hunting to professionals in the private sector. Today, even if there was an opening and someone wanted to apply, I know he has no shot unless his distant uncle's sister in law's husband pushes his file on top. For a good candidate a job hunting period is at most 20-30 days; most get snagged in that time window.


 
PostPosted: 02 Feb 2013 18:49 
Offline
BRFite

Joined: 14 Oct 1999 11:31
Posts: 1339
It seems the most successful hacking is done by spear phishing. I've been a victim of it myself when I received a fake email from UPS. It just so happened at the time that I was expecting a package (it was Christmas time) and so I opened the email. And dig this, my protection system warned me there was something lurking there and NOT to open it. So I pulled a Zuckerman "dumb f**k" and did it anyway. I was worried about that package. Whammo! The software took over my PC. It wouldn't even let me access my control panel to reboot to an earlier system backup. I had to shut it down and reboot in protect mode and get the system backup that way. The ONLY reason I was able to defeat the malware was because it was not subtle. It acted like Genghis Khan and raised the battle flag to me. If it had been subtle I would have never noticed it.

And it's not just MS certificates; Adobe updates are encountered in a lot of web sites. If I want to update I will go to the respective company's website to get the software and update. I never do it out in the "wild". The same with surprise MS update requests. I keep my system updated, scheduling updates from MS on a specific day and time of the month. If it occurs outside that framework, I hit the control panel and do a system backup from an earlier verifiable update.

The New York Times has a very detailed report of a Chinese spear phishing attack done recently. Most corporations do not reveal their procedures but the NYT was open about it. I think more corporations should do the same. Corps are always worried about bad publicity but really, the more transparency about these attacks the harder we make it for the attackers.

And oh, on several occasions I have clicked on links to military photos on this board in the past and got hijacked. Word to the wise.


PostPosted: 02 Feb 2013 19:01
BRF Oldie

Joined: 29 Oct 2003 12:31
Posts: 24421
Location: NowHere
That indeed is very nasty. Yup, if it times with a natural event, like you are expecting a package or an email from your wife, etc., your intuitions don't kick in. But I guess that is the least of worries for federated data or secret documents for a networked security setup.


PostPosted: 13 Mar 2013 08:30
BRF Oldie

Joined: 28 Nov 2002 12:31
Posts: 5953
India at the receiving end of P.R. China based officially sponsored cyber spying targeting our Cabinet Committee on Security (CCS) and Defence Research & Development Laboratory (DRDL):

India's secrets are in Guangdong


PostPosted: 25 Mar 2013 10:36
Forum Moderator

Joined: 05 May 2001 11:31
Posts: 14719
Location: Chennai
Cyber defence: How prepared is India for cyber warfare ? - Economic Times


PostPosted: 25 Mar 2013 20:07
BRFite

Joined: 05 May 2006 21:28
Posts: 301
Location: Gujarat
SSridhar wrote:


Thank you SSridhar for sharing the article.

-Ankit


PostPosted: 26 Mar 2013 19:36
Forum Moderator

Joined: 05 May 2001 11:31
Posts: 14719
Location: Chennai
Meet to Boost Indo-UK Cooperation in Cyber Security - Economic Times
Quote:
In an effort to strengthen research cooperation between India and the UK in the cyber security domain, researchers from both the countries met here [New Delhi] to discuss methods to tackle the global crime.

A four-day workshop, which concludes tomorrow, has been organised in the city for researchers from both the countries to share information and identify key areas of research for joint collaborations in efforts to strengthen cyber security.

The workshop, jointly organised by Research Councils UK (RCUK) and India's Department of Science and Technology, saw participation of British scholars associated with IBM, McAfee, Lancaster and Southampton Universities along with researchers from various IIITs and other technology institutes of India.

"The world's increased reliance on electronic systems means that cyber attacks are likely to have significant damaging consequences.

"We need a clearer understanding of our current and future vulnerabilities and the inadequacies of current approaches, along with innovative solutions to tackle the important challenges," Deputy Director of RCUK India Helen Bailey said.

Cyber crime, privacy and security in online social media, risk identification, monitoring systems and networks were among the various topics discussed during the workshop.

After the workshop, the UK researchers along with some of their Indian counterparts will visit the Infosys campus in Hyderabad.


PostPosted: 11 May 2013 18:05
BRFite

Joined: 14 Oct 1999 11:31
Posts: 1339
Indian credit card processor hacked in $45 million heist.

http://finance.yahoo.com/news/exclusive ... 08458.html


PostPosted: 12 May 2013 04:55
BRF Oldie

Joined: 29 Oct 2003 12:31
Posts: 24421
Location: NowHere
See, security is always sidelined by politics. Face it.

There are ways to make it hack-proof. But, when the selfish corporate world wants to only make money, and ignores preventive setups.


PostPosted: 18 May 2013 20:16
BRFite

Joined: 01 Aug 2004 11:42
Posts: 698
Location: Delhi
Tri-service commands for space, cyber warfare
http://timesofindia.indiatimes.com/indi ... 115462.cms
Quote:
The armed forces are now finalizing the plan for creation of three new tri-Service commands to handle space, cyber and special forces, which will be "critical" in deploying capabilities for conventional as well as asymmetric warfare in a unified manner.

Contours of the Cyber, Aerospace and Special Operations Commands (SOC), after "a lot of spadework" over the past several months, are now being fine-tuned to ensure the "formal joint plan" can be presented to the government by end-July, say sources.

"The Aerospace Command, for instance, can be based at Hyderabad because of the presence of ISRO, DRDO there. Similarly, the SOC can come up at Delhi since the C-130J `Super Hercules' aircraft, which are customized for special operations, are based at Hindon airbase," said a source.

The chiefs of staff committee — headed by Air Chief Marshal N A K Browne and including General Bikram Singh and Admiral D K Joshi — as well as other forums of the top military brass have been mulling over the plan since last year, as was first reported by TOI.

Though the "urgent need" for Army, Navy and IAF to "synergise" their efforts in tackling challenges in the domains of space, cyber and special forces is well-acknowledged, especially with China furiously developing counter-space and cyber weapons, there has been no final decision on who will "mother" which command.

The experience of India's only theatre command at Andaman and Nicobar islands (ANC), with its commander-in-chief (a three-star officer like Lt-General, Vice-Admiral or Air Marshal) being rotated among the three Services, has not been successful. "Turf wars ensure the Services are not very keen to part with their assets for ANC," said the source.

At present, each Service gets to head the three unified commands — ANC, Strategic Forces Command (SFC) and Integrated Defence Staff (IDS) — by rotation. "But it is felt one particular service should have stake in a specific command that can draw assets and manpower from all three but is steered by that Service," he said.

So, a view that has emerged is that while SFC, IDS and Cyber Command can continue to be "rotated", ANC should be headed by Navy, Aerospace Command by IAF, and SOC by Army. "This fits in with the domain expertise of each Service. The government will of course have to take the final call on the new commands," he said.

India has floundered for long in setting up effective and unified structures to deal with threats in space and cyberspace as well as in strengthening its clandestine and "unconventional" warfare capabilities.

The Aerospace Command, for instance, has been demanded by the armed forces in the past also but the government has kept it in cold storage despite China having an expansive military space programme that extends to advanced ASAT (anti-satellite) capabilities with "direct-ascent" missiles, hit-to-kill "kinetic" and directed-energy laser weapons.

Cyber-warfare, too, is a frontline military priority for China. Cyber-weapons can cripple an adversary's strategic networks and energy grids, banking and communication, and even sabotage a country's nuclear programme like Iran learnt after the Stuxnet software "worm" destroyed a thousand of its centrifuges a couple of years ago.


PostPosted: 18 May 2013 22:59
BRF Oldie

Joined: 08 Aug 2006 18:43
Posts: 6685
Cyber warfare already operates under IDS. We have been conducting some offensive ops with some successful.


PostPosted: 20 May 2013 19:56
BRFite -Trainee

Joined: 31 Aug 2008 17:50
Posts: 35
Report detailing "a cyberattack infrastructure that appears to be Indian in origin"
OPERATION HANGOVER Unveiling an Indian Cyberattack Infrastructure http://enterprise.norman.com/resources/ ... ucture.pdf


PostPosted: 21 May 2013 05:19
BRFite

Joined: 18 Jun 2000 11:31
Posts: 1710
From Indian Express: 'Sophisticated' Indian cyberattacks targeted Pak military sites: Report
Quote:
Cyber analysts in Norway have claimed that hackers based in India have been targeting government and military agencies in Pakistan for the last three years, extracting information of national security interest to India.

The "sophisticated" attacks originated from an extensive, "non-state" cyberattack infrastructure, and used decoy links, including those that referred to this year's beheading incident on the Line of Control and rebel movements in the Northeast, as bait, according to a report released Monday by the Oslo-based Norman Shark group.

The alleged cyberattack network — referred to as "Operation Hangover" in the report — was apparently unearthed as cyber analysts investigated an industrial espionage attack on the Norwegian telecom firm Telenor.

The report has not identified the Pakistani agencies that were targeted, but has hinted that these included several sensitive military targets that would be of interest to India. The primary goal of the network seems to have been "surveillance against national security interests", says the report.

The report says there is no evidence of "state sponsorship" for Operation Hangover. But it names several private Indian hacker groups, including those based in New Delhi, as being behind the attack.

The hackers allegedly exploited vulnerabilities in software to plant Trojans in computers across the world, primarily in Pakistan, that then extracted information and sent it back over the Internet.

There are no details yet on how much data might have been leaked, but the report claims that the network became active in 2010, peaked last year, and continues to be active currently.

"Based on analysis of IP addresses collected from criminal data stores discovered during the investigation, it appears that potential victims have been targeted in over a dozen countries, most heavily represented by Pakistan, Iran, and the United States. Targets include government, military and civilian organisations," the report says.
:
:
:

