Indian Cyber Warfare Discussion

The Military Issues & History Forum is a venue to discuss issues relating to the military aspects of the Indian Armed Forces, whether the past, present or future. We request members to kindly stay within the mandate of this forum and keep their exchanges of views, on a civilised level, however vehemently any disagreement may be felt. All feedback regarding forum usage may be sent to the moderators using the Feedback Form or by clicking the Report Post Icon in any objectionable post for proper action. Please note that the views expressed by the Members and Moderators on these discussion boards are that of the individuals only and do not reflect the official policy or view of the Bharat-Rakshak.com Website. Copyright Violation is strictly prohibited and may result in revocation of your posting rights - please read the FAQ for full details. Users must also abide by the Forum Guidelines at all times.
Post Reply
Raveen
BRFite
Posts: 841
Joined: 18 Jun 2008 00:51
Location: 1/2 way between the gutter and the stars
Contact:

Re: Indian Cyber Warfare Discussion

Post by Raveen »

Pranav wrote:
Flame uses a man-in-the-middle vector that exploits the Windows update mechanism and a fake Microsoft certificate (http://www.f-secure.com/weblog/archives/00002377.html).

Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).


How are you going to do a man in the middle attack if I am issuing my own updates from my own server with my own certificates from my own certificate authority. All very possible for GoI. Source code for updates can be taken from a provider like Red Hat or Ubuntu, checked, compiled and then put up for distribution.

Obviously one has to assume that this attack had full support of corporate insiders in MS and elsewhere.

You've got to be high to assume that MSFT was involved.
Moreover, MS and other security experts have come forward and described how this attack happened (and it was a man in the middle with spoofed certs) and have described how they are patching to prevent it...Bing it, you'll read Mark Russinovich's blog about it, he is the new Dave Cutler for the most part and describes in detail how these attacks happened.
ShauryaT
BRF Oldie
Posts: 5350
Joined: 31 Oct 2005 06:06

Re: Indian Cyber Warfare Discussion

Post by ShauryaT »

Pranav
BRF Oldie
Posts: 5280
Joined: 06 Apr 2009 13:23

Re: Indian Cyber Warfare Discussion

Post by Pranav »

deleted ..........
Last edited by Pranav on 07 Jul 2012 12:58, edited 3 times in total.
Pranav
BRF Oldie
Posts: 5280
Joined: 06 Apr 2009 13:23

Re: Indian Cyber Warfare Discussion

Post by Pranav »

ArmenT wrote:
Pranav wrote: Shows how the only way to be secure for defense / government agencies is to use Linux. All updates should be manually examined in detail and compiled inside India by the GoI cyber-security team (which hopefully exists).
:rotfl:
Most linux distros allow binary-only device drivers in the system. Lord only knows what people have put in there. And then there was an attempt to introduce a hole into the wait4() system call in the kernel code a few years ago. Luckily it was caught before too much damage was done, but who knows what else is lurking like this. Link to the hack attempt in case you guys are interested in the actual code inserted. Note that this person who inserted the code did it very cleverly, so that if the caller passes two special option values which are NOT documented as options to be used in the wait4()manual page, the call returns immediately an error code (EINVAL), but also upgrades the caller to root privileges. And the attacker put extra parens around the expression, so that the shady expression (using = instead of == in the if statement) would not cause the C compiler to issue a warning about the expression.

Also, how do you trust the C compiler that you're using to build your OS?? Maybe the backdoor is in there. You might wish to read Ken Thompson's speech called "Reflections on Trusting Trust", where he described a backdoor he'd put into UNIX a long time ago, which went undetected for years (Ken Thompson was one of UNIX's creators). What he'd done was modify the login program to allow anyone who knew a special password to log into the system, regardless of whether they had an account on the system or not. So you figure that you can recompile the login program from the C source code and it should be fixed, right? Well, he put a few lines of code into the C compiler so that it would recognize that it was compiling the login program and reinsert the backdoor into it. So now you figure you have to recompile the C compiler from sources. Well, he put some additional code into the C compiler so that it would recognize that it was compiling itself and reinsert the login backdoor code as well as the code to recognize it was compiling a C compiler back into it. Once he'd crocked the compiler's binary code, he removed the malicious source code from the C compiler and login program and recompiled everything so that the only traces of his hack were in the C compiler binary executable and the source code had no traces of his backdoor.

If you want an OS distro that doesn't allow binary only drivers into the kernel, look no further than http://www.openbsd.org/ :).
Right, this shows how you have to build everything from ground up, if you want to be safe.

Now there is a new initiative coming up called Unified Extensible Firmware Interface (UEFI) (see http://en.wikipedia.org/wiki/Unified_Ex ... _Interface) by which the BIOS will check digital signatures of OS components before loading them. This is supposed to mitigate the danger of very low level deeply embedded malware. (Obviously one can still have even lower level Trojans, built into the hardware itself.)

The problem is that everything will be based on keys registered at the Microsoft registry, which is an ab-initio risk.

See posts by Red Hat and Ubuntu.
Pranav
BRF Oldie
Posts: 5280
Joined: 06 Apr 2009 13:23

Re: Indian Cyber Warfare Discussion

Post by Pranav »

Raveen wrote: You've got to be high to assume that MSFT was involved.
Moreover, MS and other security experts have come forward and described how this attack happened (and it was a man in the middle with spoofed certs) and have described how they are patching to prevent it...Bing it, you'll read Mark Russinovich's blog about it, he is the new Dave Cutler for the most part and describes in detail how these attacks happened.
And what is the proof of Russinovich's claim of a laboriously generated md5 hash collision. Why couldn't the attackers have simply used the internal private key, or do so in the future.

Zuckerberg has an appropriate description for such trusting folks - "Facebook CEO Admits To Calling Users ‘Dumb F**ks’"
ankitash
BRFite -Trainee
Posts: 64
Joined: 15 Jan 2011 03:12

Re: Indian Cyber Warfare Discussion

Post by ankitash »

x-post

That Pakistani run fake "Indian Defence Forum" is behind propaganda too

Image

http://www.thehindu.com/news/national/a ... epage=true

-----

Fake forum getting exposed: http://defenceforumindia.com/forum/anno ... d-dfi.html. BRF thread http://forums.bharat-rakshak.com/viewto ... =16&t=6081
VinodTK
BRF Oldie
Posts: 2976
Joined: 18 Jun 2000 11:31

Re: Indian Cyber Warfare Discussion

Post by VinodTK »

5 lakh cyber warriors to bolster India's e-defence
NEW DELHI: Recognizing the threat of cyber attacks from a host of hostile entities — ranging from domestic saboteurs to foreign rivals — a new initiative intends to train five lakh cyber warriors in the next five years to meet a critical gap in India's defences.

A government-private sector plan will look at beefing up India's cyber security capabilities in the light of a group of experts reckoning that India faces a 4.7 lakh shortfall of such experts despite the country's reputation of being a IT and software powerhouse.

Efforts to draw a strategic plan for India, being overseen by National Security Advisor ( NSA) Shivshankar Menon, may need to be speeded up as India lags the research and planning leading western and Asian nations have already undertaken.

Cyber warfare has emerged a top threat to national security with India's systems subjected to an increasing number - and more sophisticated — cyber attacks. India faced a severe test during the 2010 Commonwealth Games when cyber attacks from Pakistan and China sought to damage information systems.

Most of the attacks India deals with originate from countries like the US, China, Russia, a few east European countries and Iran. Chinese hackers have targeted a large number of institutions, even stealing data from schools run by the armed forces.

A Canadian investigation in 2010 revealed that Chinese hackers had reached Indian missions at Kabul, Moscow, Dubai, Abuja, US, Serbia, Belgium, Germany, Cyprus, the UK and Zimbabwe. A machine at the National Security Council secretariat was tapped as were computers at military engineering services (MES).
gkriish
BRFite -Trainee
Posts: 36
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by gkriish »

ankitash wrote:x-post

That Pakistani run fake "Indian Defence Forum" is behind propaganda too

Image

http://www.thehindu.com/news/national/a ... epage=true

-----

Fake forum getting exposed: http://defenceforumindia.com/forum/anno ... d-dfi.html. BRF thread http://forums.bharat-rakshak.com/viewto ... =16&t=6081
i was there in that forum but when i found out that it was a fake and when i asked the MOD y did he has to MASK his identity as PAKI and have a indian defence Forum instead if his intentions were rite he could have the forum run in his own nationality as a PAKI he didnot have any answer and inspite of repeated probing he never replied...... that how Cheap those $OB's can go......
gunjur
BRFite
Posts: 602
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by gunjur »

DRDO, 5 other key government websites hacked, Algeria-based hackers blamed :evil: :evil: :(
Several key government websites were hacked late on Wednesday night. These included the websites of DRDO and five other government departments hacked. A site hosted by the advisor to the Prime Minister was also hacked.

Algeria-based hackers have been blamed for the hacking. The message pasted on the websites after they had been compromised read: 'SanFour25, Algerian Hackers' minutes after the hacking.

The biggest hack was on the site of the Recruitment and Assessment Centre operated by the DRDO that deals with the recruitment of scientists to the several laboratories of the DRDO. The website was down for over 9 hours.
kit
BRF Oldie
Posts: 6278
Joined: 13 Jul 2006 18:16

Re: Indian Cyber Warfare Discussion

Post by kit »

I would think CIA
vipins
BRFite
Posts: 471
Joined: 12 Jun 2008 17:46

Re: Indian Cyber Warfare Discussion

Post by vipins »

X Post:
Govt takes a call on preventing Chinese Trojans
The government of India wants to promote domestic manufacturers of telecom products, as it is worried that foreign suppliers of telecom equipment, especially China, might indulge in cyber espionage during a crisis or war.
The department has identified 18 hardware items used for telecommunications that will be put under a preferential market access category and that will be manufactured locally. They include SIM cards, base stations switching centres, network management systems, modems used for WiFi or 3G broadband services and EPABX boxes. The new rules are expected to come into force from April 1, 2013.
Though the government wants to achieve 100% dependence on domestic manufacturers, the shift will take place gradually. It will first be mandatory for all telecom companies to procure a minimum of 30% equipment from domestic manufacturers in the first year. This will go up to 45% by 2017 and so on.
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

e-espionage: Op Red October against India

India and several other countries including Russia, Europe and Central Asia have woken up to a new cyber espionage attack.

The Operation Red October, called Rocra for short, a stealth cyber attack, primarily targets government, diplomatic, public research institutions, nuclear research, aerospace and oil and gas companies.

Rocra is still active as of January 2013, and has been a sustained campaign dating back as far as 2007.

While the Russian Federation tops the list with 38 attacks, Kazakhstan (21), Belgium (16), Azerbaijan (15) and India (14) occupy the subsequent slots.

“The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment,” said a cyber security analyst with the Moscow-based security solutions firm Kaspersky.

The attackers often used information that they stole from infected networks, as a way to gain entry into additional systems. For example, stolen credentials were compiled in a list and used when the attackers needed to guess passwords or phrases to gain access to additional systems.

“To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries, with the majority being in Germany and Russia. The chain of servers was actually working as proxies in order to hide the location of the ‘mothership’ control server,” he said.
nmadhav
BRFite -Trainee
Posts: 19
Joined: 15 Apr 2009 20:32

Re: Indian Cyber Warfare Discussion

Post by nmadhav »

More info on how the red october hack was done for those who are interested.
https://www.securelist.com/en/blog/785/ ... t_Agencies
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

India setting up a national cyber security architecture: NSA - Economic Times
India is in the process of setting up a national cyber security architecture with the aim to prevent sabotage, espionage and other forms of attack that could hurt the country, National Security Advisor Shivshankar Menon said today.

He said the architecture, to protect critical information infrastructure and other networks, will involve monitoring, certification and assurance of India's networks by designated agencies and bodies in accordance with the law.

"It will also involve capacity and authority for operations in cyber space", Menon said delivering the Dr. Raja Ramanna lecture on India's external and internal security at the National Institute of Advanced Studies here.

"The goal is to prevent sabotage, espionage and other forms of cyber attacks that could hurt us", he said.

The National Security Council has approved the architecture in principle and implementation details are being worked out with the ministries and agencies, "which we hope to take to the Cabinet for approval soon", Menon said. A national cyber security coordinator in the National Security Council Secretariat (NSCS) will bring this work together.
shiv
BRF Oldie
Posts: 34982
Joined: 01 Jan 1970 05:30
Location: Pindliyon ka Gooda

Re: Indian Cyber Warfare Discussion

Post by shiv »

SSridhar wrote:India setting up a national cyber security architecture: NSA - Economic Times
India is in the process of setting up a national cyber security architecture with the aim to prevent sabotage, espionage and other forms of attack that could hurt the country, National Security Advisor Shivshankar Menon said today.

He said the architecture, to protect critical information infrastructure and other networks, will involve monitoring, certification and assurance of India's networks by designated agencies and bodies in accordance with the law.

"It will also involve capacity and authority for operations in cyber space", Menon said delivering the Dr. Raja Ramanna lecture on India's external and internal security at the National Institute of Advanced Studies here.

"The goal is to prevent sabotage, espionage and other forms of cyber attacks that could hurt us", he said.

The National Security Council has approved the architecture in principle and implementation details are being worked out with the ministries and agencies, "which we hope to take to the Cabinet for approval soon", Menon said. A national cyber security coordinator in the National Security Council Secretariat (NSCS) will bring this work together.
I attended this talk yesterday and will comment on it on some other thread. Menon pointed out that there is huge scope for people to enter into the fields of cryptology and cyber security in India. Tens of thousands of jobs will be available. But the government needs to attract young talent who tend to go abroad.
SaiK
BRF Oldie
Posts: 36424
Joined: 29 Oct 2003 12:31
Location: NowHere

Re: Indian Cyber Warfare Discussion

Post by SaiK »

best thought would be securing at the data source.. meaning every record is signed and encrypted as stored. the encrypted data is read, transferred etc... and stays encrypted. it can be opened only at the usage end point, challenged by multi-layer security protocol - biometric+authentication with timed decryption.

now all data need not be secured., or can have multi level security setup.
shyamd
BRF Oldie
Posts: 7101
Joined: 08 Aug 2006 18:43

Re: Indian Cyber Warfare Discussion

Post by shyamd »

IAF Nod To Offensive Hacking !! http://www.chhindits.blogspot.in/2013/0 ... cking.htmlhttp://twitpic.com/byy5km

Good news. This was already in place with IDS. Thanks to NSA for pushing this through.
negi
BRF Oldie
Posts: 13112
Joined: 27 Jul 2006 17:51
Location: Ban se dar nahin lagta , chootiyon se lagta hai .

Re: Indian Cyber Warfare Discussion

Post by negi »

shiv wrote: But the government needs to attract young talent who tend to go abroad.
Well Govt. shoots itself in the foot by micromanaging stuff; good people in ITVTY are highly sought after the private head hunters pay a premium for a referral I know for a fact that insider referrals can easily fetch your a 6 figure sum ; point being Govt. should outsource head hunting to professionals in the private sector. Today even if there was an opening and someone wanted to apply I know he has no shot unless his distant uncle's sister in law's husband pushes his file on top. For a good candidate a job hunting period is at most 20-30 days most get snagged in that time window.
TSJones
BRF Oldie
Posts: 3022
Joined: 14 Oct 1999 11:31

Re: Indian Cyber Warfare Discussion

Post by TSJones »

It seems the most successful hacking is done by spear phishing. I've been a victim of it myself when I received a fake email from UPS. It just so happened at the time that I was expecting a package (it was Christmas time) and so I opened the email. And dig this, my protection system warned me there was something lurking there and NOT to open it. So I pulled a Zuckerman "dumb f**k" and did it anyway. I was worried about that package. Whammo!, the software took over my PC. It wouldn't even let me access my control panel to reboot to an earlier system backup. I had to shut it down and reboot in protect mode and get the system backup that way. The ONLY reason I was able to defeat the malware was because it was not subtle. It acted like Genghis Kahn and raised the battle flag to me. If it had been subtle I would have never noticed it.

And it's not just MS certificates, Adobe updates are encountered in a lot web sites. If I want to update I will go to the respective company's website to get the software and update. I never do it out in the "wild". The same with surprise MS update requests. Ikeep my system updated scheduling updates from MS on a specific day and time of the month. If it occurs outside that frame work, I hit the control panel and do a system backup from an earlier verifiable update.

The New York Times has a very detailed report of a Chinese spear phishing attack done recently. Most corporations do not reveal their procedures but the NYT was open about it. I think more corporations should do the same. Corps are always worried about bad publicity but really, the more transparency about these attacks the harder we make it for the attackers.

And oh, on several occassions I have clicked on links to military photos on this board in the past and got hijacked. Word to the wise.
SaiK
BRF Oldie
Posts: 36424
Joined: 29 Oct 2003 12:31
Location: NowHere

Re: Indian Cyber Warfare Discussion

Post by SaiK »

that indeed is very nasty.. yup, if it times with a natural event like you are expecting a package or an email from your wife, etc.. you intuitions don't kick in. but, i guess that is least of worries for a federated data or secret documents for a networked security setup.
arun
BRF Oldie
Posts: 10248
Joined: 28 Nov 2002 12:31

Re: Indian Cyber Warfare Discussion

Post by arun »

India at the receiving end of P.R. China based officially sponsored cyber spying targeting our Cabinet Committee on Security (CCS) and Defence Research & Development Laboratory (DRDL):

India's secrets are in Guangdong
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

Ankit Desai
BRFite
Posts: 634
Joined: 05 May 2006 21:28
Location: Gujarat

Re: Indian Cyber Warfare Discussion

Post by Ankit Desai »

Thank you SSridhar for sharing the article.

-Ankit
SSridhar
Forum Moderator
Posts: 25085
Joined: 05 May 2001 11:31
Location: Chennai

Re: Indian Cyber Warfare Discussion

Post by SSridhar »

Meet to Boost Indo-UK Cooperation in Cyber Security - Economic Times
In an effort to strengthen research cooperation between India and the UK in the cyber security domain, researchers from both the countries met here [New Delhi] to discuss methods to tackle the global crime.

A four-day workshop, which concludes tomorrow, has been organised in the city for researchers from both the countries to share information and identify key areas of research for joint collaborations in efforts to strengthen cyber security.

The workshop, jointly organised by Research Councils UK (RCUK) and India's Department of Science and Technology, saw participation of British scholars associated with IBM, McAfee, Lancaster and Southampton Universities along with researchers from various IIITs and other technology institutes of India.

"The world's increased reliance on electronic systems means that cyber attacks are likely to have significant damaging consequences.

"We need a clearer understanding of our current and future vulnerabilities and the inadequacies of current approaches, along with innovative solutions to tackle the important challenges," Deputy Director of RCUK India Helen Bailey said.

Cyber crime, privacy and security in online social media, risk identification, monitoring systems and networks were among the various topics discussed during the workshop.

After the workshop, the UK researchers along with some of their Indian counterparts will visit the Infosys campus in Hyderabad.
TSJones
BRF Oldie
Posts: 3022
Joined: 14 Oct 1999 11:31

Re: Indian Cyber Warfare Discussion

Post by TSJones »

Indian credit card processor hacked in $45 million heist.

http://finance.yahoo.com/news/exclusive ... 08458.html
SaiK
BRF Oldie
Posts: 36424
Joined: 29 Oct 2003 12:31
Location: NowHere

Re: Indian Cyber Warfare Discussion

Post by SaiK »

See.. security is always sidelined by politics. face it.

There are ways to make it hack proof. But, when selfish corporate world want to only make money, and ignore on preventive setups.
dinesha
BRFite
Posts: 1211
Joined: 01 Aug 2004 11:42
Location: Delhi

Re: Indian Cyber Warfare Discussion

Post by dinesha »

Tri-service commands for space, cyber warfare
http://timesofindia.indiatimes.com/indi ... 115462.cms
The armed forces are now finalizing the plan for creation of three new tri-Service commands to handle space, cyber and special forces, which will be "critical" in deploying capabilities for conventional as well asymmetric warfare in a unified manner.

Contours of the Cyber, Aerospace and Special Operations Commands (SOC), after "a lot of spadework" over the past several months, are now being fine-tuned to ensure the "formal joint plan" can be presented to the government by end-July, say sources.

"The Aerospace Command, for instance, can be based at Hyderabad because of the presence of ISRO, DRDO there. Similarly, the SOC can come up at Delhi since the C-130J `Super Hercules' aircraft, which are customized for special operations, are based at Hindon airbase," said a source.

The chiefs of staff committee — headed by Air Chief Marshal N A K Browne and including General Bikram Singh and Admiral D K Joshi — as well as other forums of the top military brass have been mulling over the plan since last year, as was first reported by TOI.

Though the "urgent need" for Army, Navy and IAF to "synergise" their efforts in tackling challenges in the domains of space, cyber and special forces is well-acknowledged, especially with China furiously developing counter-space and cyber weapons, there has been no final decision on who will "mother" which command.

The experience of India's only theatre command at Andaman and Nicobar islands (ANC), with its commander-in-chief (a three-star officer like Lt-General, Vice-Admiral or Air Marshal) being rotated among the three Services, has not been successful. "Turf wars ensure the Services are not very keen to part with their assets for ANC," said the source.

At present, each Service gets to head the three unified commands — ANC, Strategic Forces Command (SFC) and Integrated Defence Staff (IDS) — by rotation. "But it is felt one particular service should have stake in a specific command that can draw assets and manpower from all three but is steered by that Service," he said.

So, a view that has emerged is that while SFC, IDS and Cyber Command can continue to be "rotated", ANC should be headed by Navy, Aerospace Command by IAF, and SOC by Army. "This fits in with the domain expertise of each Service. The government will of course have to take the final call on the new commands," he said.

India has floundered for long in setting up effective and unified structures to deal with threats in space and cyberspace as well as in strengthening its clandestine and "unconventional" warfare capabilities.

The Aerospace Command, for instance, has been demanded by the armed forces in the past also but the government has kept it in cold storage despite China having an expansive military space programme that extends to advanced ASAT (anti-satellite) capabilities with "direct-ascent" missiles, hit-to-kill "kinetic" and directed-energy laser weapons.

Cyber-warfare, too, is a frontline military priority for China. Cyber-weapons can cripple an adversary's strategic networks and energy grids, banking and communication, and even sabotage a country's nuclear programme like Iran learnt after the Stuxnet software "worm" destroyed a thousand of its centrifuges a couple of years ago.
shyamd
BRF Oldie
Posts: 7101
Joined: 08 Aug 2006 18:43

Re: Indian Cyber Warfare Discussion

Post by shyamd »

Cyber warfare already operates under IDS. We have been conducting some offensive ops with some successful.
Kritavarman
BRFite -Trainee
Posts: 53
Joined: 31 Aug 2008 17:50
Contact:

Re: Indian Cyber Warfare Discussion

Post by Kritavarman »

Report detailing "a cyberattack infrastructure that appears to be Indian in origin"
OPERATION HANGOVER Unveiling an Indian Cyberattack Infrastructure http://enterprise.norman.com/resources/ ... ucture.pdf
VinodTK
BRF Oldie
Posts: 2976
Joined: 18 Jun 2000 11:31

Re: Indian Cyber Warfare Discussion

Post by VinodTK »

From Indian Express: 'Sophisticated' Indian cyberattacks targeted Pak military sites: Report
Cyber analysts in Norway have claimed that hackers based in India have been targeting government and military agencies in Pakistan for the last three years, extracting information of national security interest to India.

The "sophisticated" attacks originated from an extensive, "non-state" cyberattack infrastructure, and used decoy links, including those that referred to this year's beheading incident on the Line of Control and rebel movements in the Northeast, as bait, according to a report released Monday by the Oslo-based Norman Shark group.

The alleged cyberattack network — referred to as "Operation Hangover" in the report — was apparently unearthed as cyber analysts investigated an industrial espionage attack on the Norwegian telecom firm Telenor.

The report has not identified the Pakistani agencies that were targeted, but has hinted that these included several sensitive military targets that would be of interest to India. The primary goal of the network seems to have been "surveillance against national security interests", says the report.

The report says there is no evidence of "state sponsorship" for Operation Hangover. But it names several private Indian hacker groups, including those based in New Delhi, as being behind the attack.

The hackers allegedly exploited vulnerabilities in software to plant Trojans in computers across the world, primarily in Pakistan, that then extracted information and sent it back over the Internet.

There are no details yet on how much data might have been leaked, but the report claims that the network became active in 2010, peaked last year, and continues to be active currently.

"Based on analysis of IP addresses collected from criminal data stores discovered during the investigation, it appears that potential victims have been targeted in over a dozen countries, most heavily represented by Pakistan, Iran, and the United States. Targets include government, military and civilian organisations," the report says.
:
:
:
nits
BRFite
Posts: 1155
Joined: 01 May 2006 22:56
Location: Some where near Equator...

Re: Indian Cyber Warfare Discussion

Post by nits »

^^ Great going... finally we are showing some spine in some area
muttukur
BRFite -Trainee
Posts: 9
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by muttukur »

http://wikileaks.org/spyfiles/files/0/7 ... TARGET.pdf

Interesting , does india have such thing ?
member_23658
BRFite
Posts: 230
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by member_23658 »

Kritavarman wrote:Report detailing "a cyberattack infrastructure that appears to be Indian in origin"
OPERATION HANGOVER Unveiling an Indian Cyberattack Infrastructure http://enterprise.norman.com/resources/ ... ucture.pdf
wow the very first page has the ArunS / BR pic of Agni series, which was a part of the pdf apparently used as bait.
muttukur
BRFite -Trainee
Posts: 9
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by muttukur »

Neshant
BRF Oldie
Posts: 4852
Joined: 01 Jan 1970 05:30

Re: Indian Cyber Warfare Discussion

Post by Neshant »

What is astonishing is how much this guy was willing to sacrifice to blow the whistle on the NSA trying to create a totalitarian state under the guise of fighting terrorism.

$200k/yr salary, lifetime job security with the CIA, promotions, his family members... he sacrificed everything including his own safety.

-----

NSA Whistleblower Reveals Himself
"I realised that I was part of something that was doing far more harm than good... The NSA routinely lies in response to Congressional inquiries about scope of surveillance in America. The NSA is intent on making every conversation and every form of behaviour in the world known to them.... What they're doing poses an existential threat to democracy."

- Edward Snowden, 29, PRISM Whistleblower
http://www.zerohedge.com/news/2013-06-0 ... ls-himself
muttukur
BRFite -Trainee
Posts: 9
Joined: 11 Aug 2016 06:14

Re: Indian Cyber Warfare Discussion

Post by muttukur »

http://www.thehindu.com/news/cities/Del ... epage=true

Can this be the result of an cyber attack ?
nmadhav
BRFite -Trainee
Posts: 19
Joined: 15 Apr 2009 20:32

Re: Indian Cyber Warfare Discussion

Post by nmadhav »

More information on the role of NSA (National Security Agency) in offensive cyber operations.
http://www.wired.com/threatlevel/2013/0 ... erwar/all/
rsingh
BRF Oldie
Posts: 4451
Joined: 19 Jan 2005 01:05
Location: Pindi
Contact:

Re: Indian Cyber Warfare Discussion

Post by rsingh »

Neshant wrote:What is astonishing is how much this guy was willing to sacrifice to blow the whistle on the NSA trying to create a totalitarian state under the guise of fighting terrorism.

$200k/yr salary, lifetime job security with the CIA, promotions, his family members... he sacrificed everything including his own safety.

-----

NSA Whistleblower Reveals Himself
"I realised that I was part of something that was doing far more harm than good... The NSA routinely lies in response to Congressional inquiries about scope of surveillance in America. The NSA is intent on making every conversation and every form of behaviour in the world known to them.... What they're doing poses an existential threat to democracy."





- Edward Snowden, 29, PRISM Whistleblower
http://www.zerohedge.com/news/2013-06-0 ... ls-himself

To me it looks like Chinese Job. They got this asset some how and blackmailed him to do all this. Timing is perfect as it forced US to shut up and defend while Obama was ready to confront Li Whatever. There is no doubt that US does it. I am sure China,Russia and even India does it. I mean do you really believe that your e-mail password is secure? I have not changed it for last 5 years and I do not care if somebody read my mails because I know that somebody IS going to read it. Each time I book an air ticket I get cheap air ticket adds in secs. The system could be also programmed to alert auto tracking if some one uses the words like Allah, TNT, Shaitan Amrica, jehad, Pakistan or fatwa................OOPS I am being tracked.
VinodTK
BRF Oldie
Posts: 2976
Joined: 18 Jun 2000 11:31

Re: Indian Cyber Warfare Discussion

Post by VinodTK »

From The Hindu: ‘Missile Man’ Kalam wants military to gear up for cyber-attacks on economy
With the rise in internet usage and cloud-based systems, the country’s economy could face threats online, former President APJ Abdul Kalam said

Former President A.P.J. Abdul Kalam on Thursday said the country’s military engineers should learn the art of cybersecurity to safeguard the Indian economy from attacks online.

Addressing engineering graduates at the Military College of Electronics and Mechanical Engineering (MCEME) at their convocation ceremony, Dr. Kalam said cyber-attacks had the potential to cripple the Indian economy.

He said the growth of internet technology and cloud-based systems in the past few years had created room for cyber espionage and warfare. Nations are electronically connected and everything is in digital form, which will definitely attract attacks in cyberspace. Efforts to spread awareness among police and other security agencies should be increased, he felt.

On the economy

Dr. Kalam hoped that the 600 million youth of the country would help India become an economic powerhouse — one of the objectives of the Vision 2020 statement.

“Trouble began after 2008 when the GDP [growth] was eight per cent. After that, GDP [growth] gradually began to decrease due to economic problems in Europe and US. I still feel that the young in India will work hard and take the GDP levels to more than nine per cent,” he said.

Indigenous military technology

Fielding questions from the audience, the Missile Man said that in another decade, the use of indigenous military equipment will increase.

“At the moment, only 50 per cent of our military equipment is indigenous. In another one decade, our goal should 75 per cent,” he said.

Commenting on the present system of education, he said the government’s efforts should be at the primary level.

“Inspiring creativity and excellence should only be at the primary level. At this level, we should concentrate on preparing children for the future. Education should not create degrees but produce persons who can generate employment,” he suggested. Commandant, MCEME, Lt. Gen. S. M. Mehta and other top officers were present on the occasion.
ramana
Forum Moderator
Posts: 59773
Joined: 01 Jan 1970 05:30

Re: Indian Cyber Warfare Discussion

Post by ramana »

Recall B Raman's misgivings of Sankyavani project from CMU and connect to Snowden revelations.

Folks here dismissed US monitoring as a CT of our overzealous posters.

Spinster was one who used to regularly mention Arunchalam garu and Raj Reddy of CMU.
Post Reply