Govt plans to cut internet services in case of cyber attacks
Indian law enforcement and national security officials are drawing up plans that will give them technology capabilities to cut off all internet services during emergencies. http://economictimes.indiatimes.com/tec ... 791296.cms
After a series of recent meetings on cyber security held at the prime Minister’s Office at South Block, all government departments have been asked to jointly work on developing technologies and also invest in enhancing R&D capabilities to enhance the Centre’s control on internet services within the country, officials aware of the development told ET.
Officially, these steps are aimed at protecting Indian infrastructure from cyber attacks, but analysts fear that this may lead to greater government controls over internet as in China. Globally many countries are working on securing their communication networks from crippling cyber attacks that target the IT infrastructure of banks, airports, railways and government offices, all of which are often connected to the internet.
As the first step, the Centre wants to control national gateways, the points at which all data and internet connects to the outside world. Currently, many of these points are under the control of telecom and internet companies. These firms have capabilities to install filters that can slow down or block certain objectionable content on the directions of the government
The possibility of the Centre taking charge of the internet during emergencies and cyber wars were discussed at a recent meeting at the Prime Minister’s Office, chaired by the national security advisor Shivshankar Menon with representatives from all intelligence agencies and key department such as IT, telecoms, atomic energy, defence and space.
" China has been able to establish controls which enable it to choke the internet at will. The number of vulnerabilities in cyber space could be reduced by ensuring that closed loop information systems are not connected to the internet," said the minutes of this meet, which were seen by ET.
The model similar to that of China is being explored where key government departments work together on cyber space related issues with a long term vision. A move to make many networks closed group and not connected with internet is also being explored. The departments have also been asked to tap competencies and R&D capabilities of private organizations and academia to identify and plug gaps in the country’s cyber security apparatus.
Non possession of full web gateway control has resulted in economic losses for governments in past. In April 2007, when Estonia removed the Russia . war memorials from its territory, it was met with a massive denial of service attack allegedly from Russia. In the days that followed, IT infrastructure in Estonia government, banks, news organizations were crippled and banks suffered losses. In 2008, Russians attacked Georgian news agencies during Ossetia war crashing their servers.
"Shutting the internet would be like closing your shop whenever somebody starts throwing stones on it," says Vikas Desai, technical lead at IT security firm RSA. "Many solutions like a massive firewall, log management should be installed to monitor security, not content," he adds.
The Centre also attempting to map the cyber assets of adversaries (like Pakistan and China) amongst others so that India can retaliate and also launch offensive cyber operations against these nations when subject to an attack.
‘This would involve development of capabilities to observe, understand and react to treats as well as to understand the behavioral dynamics of players in cyber space. It will also be important to develop standards and patents in the next generation technologies in order to control the cyber space," the minutes of the meet chaired by Mr Menon says, while adding this would the only way by which India would attain a bargaining position in the cyber world.
The Centre is also becoming wary of foreign IT security providers like US based ‘Symantec and McAfee’ who are currently entrusted with the tasks of reporting vulnerabilities in Indian cyber space, and have remote access to Indian internet gateways.
"International companies are unlikely to share information beyond India specific domains. These issues need to be addressed through robust regulatory and R&D strategies," the minutes state..
Emails sent to US based Symantec and McAfee on the government's concerns about them did not elicit any response.
A denial of service attack happens when a server is requested for a particular information like a website millions of times in a fraction of second by a computer, that it leads to crashing of the server. In a distributed denial of service attack, many computers attack on the same server, millions of times in a second. This makes it difficult for a firewall to block a particular IP address since millions of other IP addresses are attacking at the same time. However, switching off the internet might bring some relief temporarily to a country, till vulnerabilities are fixed.