The Military Issues & History Forum is a venue to discuss issues relating to the military aspects of the Indian Armed Forces, whether the past, present or future. We request members to kindly stay within the mandate of this forum and keep their exchanges of views, on a civilised level, however vehemently any disagreement may be felt. All feedback regarding forum usage may be sent to the moderators using the Feedback Form or by clicking the Report Post Icon in any objectionable post for proper action. Please note that the views expressed by the Members and Moderators on these discussion boards are that of the individuals only and do not reflect the official policy or view of the Bharat-Rakshak.com Website. Copyright Violation is strictly prohibited and may result in revocation of your posting rights - please read the FAQ for full details. Users must also abide by the Forum Guidelines at all times.
Lance Whitney reporting in CNet News: "A Chinese state-run telecom provider was the source of the redirection of U.S. military and corporate data that occurred this past April… The current draft of the U.S.-China Economic and Security Review Commission's (USCC's) 2010 annual report, which is close to final but has not yet been officially approved, finds that malicious computer activity tied to China continues to persist following reports early this year of attacks against Google and other companies from within the country."
Then on April 8, a large number of routing paths to various Internet Protocol addresses were redirected through networks in China for 17 minutes. The USCC identified China's state-owned telecommunications firm China Telecom as the source of the "hijacking." This diversion of data would have given the operators of the servers on those networks the ability to read, delete, or edit e-mail and other information sent along those paths.
(And GOI has lifted ban on Telecom products from China)
Wow, thats just mind blowing. China has the infrastructure to snoop on a massive scale ! I think it should also be possible to attach viruses to emails, launch phishing attacks etc.
Aside, if they were BRF login pages, then they could read all your passwords. Its not SSL protected, so it is sent as clear text.
I pinged india.gov.in, it got routed through China.
(If you are logging in from India, try pinging forums.bharat-rakshak.com (hosted in some Chicago site). If it is routed through China, theoretically, they can steal your password. May explain why we see some BRFites id hacked by commies.)
In this case it was used via an iFrame on nobelpeaceprize.org which then downloaded malware to the visitors machine using a multi-exploit back-end which amongst others also leveraged this 0day Firefox exploit.
Mozilla claims they will address this issue soon and past history dictates that a patch will come out within a few days, so look forwards to Firefox 3.6.12 by the end of the week. It seems to be a fairly advanced and targeted attack.
Of course the conspiracy theorists will say that the attack was carried out by the Chinese Government as their way of complaining that the most recent Nobel Peace Prize was given to a Chinese dissident named Liu Xiaobo.
JTull wrote:
Perhaps they should focus their effort on building a capability to fight back rather than meekly surrender to the threat.
Circa 2005 in an e-governance conference first time I heard about how IRCTC's firewall operates with a red light switched on cutting all Internet traffic I was equally shocked. Trust the bureaucracy to come up with such solutions worse than the actual problems. No wonder the napakis have 8 times the Internet bandwidth on their DSL lines than us.
Earlier this month, Israeli fighters bombed a suspected nuclear materials site in Syria. Here’s the million dollar question: How did they do it without tipping off Syria’s Russian-bought air defense radar? Radar expert Dave Fulghum over at Aviation Week’s Ares blog may have the answer: Israel hacked the network.
Israel U.S. aerospace industry and retired military officials indicated today that a technology like the U.S.-developed “Suter” airborne network attack system developed by BAE Systems and integrated into U.S. unmanned aircraft by L-3 Communications was used by the Israelis. The system has been used or at least tested operationally in Iraq and Afghanistan over the last year.
The technology allows users to invade communications networks, see what enemy sensors see and even take over as systems administrator so sensors can be manipulated into positions so that approaching aircraft can’t be seen, they say. The process involves locating enemy emitters with great precision and then directing data streams into them that can include false targets and misleading messages algorithms that allow a number of activities including control.
Russia has completed its part of a contract on the delivery of A-50 Mainstay AWACS aircraft to India, a Russian aircraft industry official said.
India ordered three A-50EI variants, developed on the basis of the Russian Il-76MD military transport plane and fitted with the Israeli-made Phalcon radar system, in 2004. The first two aircraft are already in service with the Indian air force (IAF).
It would be extremely surprising if the radar spoofing technology has not already been built into the Israeli avionics in the new AWACS planes.
How would it be used? There are lots of possibilities. Recall the faked call from Pranab Mukherjee to Zardari while the Mumbai 26/11 attack was in progress ...
Hopefully the DRDO understands that you cannot have security until and unless you control the manufacturing process right from the semiconductor foundry stage.
darshhan wrote:
Wlin , Recently when Indian govt. banned chinese telecom vendors like Huawei and ZTE from supplying equipment to Indian telecom operators , these companies were literally begging to stay in the competition and to lift the ban.Even the Chinese govt. started requesting Indian govt to lift the ban.
They are probably interested in monitoring Indian internet traffic, and perhaps installing worms on Indian systems.
Our Babus have worked out an arrangement whereby Huawei will reveal its source code.
Unfortunately, the Babus seem to be unaware that the standard practice these days is to put the Trojans in the hardware itself. Unless you control the semiconductor fabrication process, you have no right to expect any security.
chaanakya wrote:
These are advised by those who know what they are doing. Babus may not have much say in tech things. Yes Tech babus may do so. Hardware Trojans are well known and could be found by Blackbox testing.But then these are technical matters and there are people to advise.
I think permitting Chinese company in one case and not allowing in other case would have been wrong. Your suspicion may not be entirely unfounded. But then what is the guarantee that hardwares supplied by other countries do not have the same.
You are absolutely right that we need to have our semiconductor foundry to have proper security.
Pranav wrote:
chaanakya wrote:
Hardware Trojans are well known and could be found by Blackbox testing.
the problem of hardware Trojans in wireless cryptographic integrated circuits, wherein the objective is to leak secret information (i.e. the encryption key) through the wireless channel. Using a mixed-signal system-on-chip, consisting of a DES encryption core and a UWB transmitter, we demonstrate the following three key findings of this study: i) Simple malicious modifications to the digital part of a wireless cryptographic chip suffice to leak information without changing the more sensitive analog part. We demonstrate two hardware Trojan examples, which leak the encryption key by manipulating the transmission amplitude or frequency. ii) Such hardware Trojans do not change the functionality of the digital part or the performances of the analog part and their impact on the wireless transmission parameters can be hidden within the fabrication process variations. Hence, neither traditional manufacturing testing nor recently proposed hardware Trojan detection methods will expose them. iii) For the attacker to be able to discern the leaked information from the legitimate signal, effective hardware Trojans must impose some structure to the transmission parameters. While this structure is not known to the defender, advanced statistical analysis of these parameters (i.e. transmission power), may reveal its existence and, thereby, expose the hardware Trojan.
This is just one of such pointers. Its a constant fight between both side of the divide. But these testing do take place for hardware trojans very extensively. And it is not only for Kill Switch but many other variants. As they develop new trojans, new procedure to test them is also being developed.There can be no 100% certainty as you are hunting for what is designed to be stealth. China or any other country supplying hardware fall into same category unless we ourselves have these testing techniques.
The particular example you cite is about the detection of a pre-activated Trojan that modifies a wireless signal. Such black-box testing would not be able to detect the presence of a latent Trojan that is designed to be triggered by a specific data sequence, for example.
Pranav wrote:
The particular example you cite is about the detection of a pre-activated Trojan that modifies a wireless signal. Such black-box testing would not be able to detect the presence of a latent Trojan that is designed to be triggered by a specific data sequence, for example.
Its very thoughtful of you to have moved the post to proper thread.Thanks for that.
I just cited one example. There are many. As new threats are discovered, new methods are developed to find them out.
The idea outlined in above paper works to a large extent in finding anomalies in electrical signals, its amplitude and frequency , other than those specified by design and then try to trace trojans. There are other ideas as well. The point is you test the system for all possible data sequence a circuit is designed to accept and deliver. May take time but that is the price to pay.
chaanakya wrote:The point is you test the system for all possible data sequence a circuit is designed to accept and deliver. May take time but that is the price to pay.
The time that would take may well be more than the age of the universe ...
chaanakya wrote:The point is you test the system for all possible data sequence a circuit is designed to accept and deliver. May take time but that is the price to pay.
The time that would take may well be more than the age of the universe ...
But yes, I agree that it is a continuous game.
Pranav , I understand that it would take quite a long time and is extremely difficult. My statement was not meant to be a sweeping statement as it appeared. But if one case is detected, that company or country is going to face huge problem of trustworthiness even though it may not be the originator.
I came across one interesting article and thought you might be interested.
Tamper-resistant chips are also coming to the commercial market. Pleasanton, Calif.-based CPU Tech has offered the private sector since 2008 the Acalis CPU872 MultiCore chip, which the firm says protects from hardware-based Trojans for high-performance processing within vital applications. It scatters separate parts of the encryption key needed to boot the hardware across different pieces of the chip and also embeds memory onto the chip, so vital data can't be accessed externally. Financial firms have expressed interest in purchasing systems with the chip installed, said Robert Beanland, vice president of marketing for CPU Technology.
Law enforcement in Europe uncovered a scam late last year whereby criminals had rigged credit card readers installed at Tesco and other retail outlets there with what was essentially a tiny cell phone that was capturing all the PINs from customers who used their cards on the readers in stores and sending the data through Pakistan; though its ultimate destination remains unknown. Criminals often choose nations with porous security or limited digital forensics practices to route their booty.
wonder who did it? -> UK’s Royal Navy website hacked
The website of Britain's Royal Navy has been closed after hackers gained unauthorised access to the military site. Military computer specialists are investigating the cyber-security breach. A statement posted on the website on Monday said it is closed for "essential maintenance". The navy said in a statement that the website was compromised over the weekend but no damage was done. The site has been taken down temporarily as a precaution.
Tamper-resistant chips are also coming to the commercial market. Pleasanton, Calif.-based CPU Tech has offered the private sector since 2008 the Acalis CPU872 MultiCore chip, which the firm says protects from hardware-based Trojans for high-performance processing within vital applications. It scatters separate parts of the encryption key needed to boot the hardware across different pieces of the chip and also embeds memory onto the chip, so vital data can't be accessed externally. Financial firms have expressed interest in purchasing systems with the chip installed, said Robert Beanland, vice president of marketing for CPU Technology.
This could work if the manufacturer CPU Tech itself is trustworthy. It is impossible to overcome the problem of trust unless one fully controls the hardware fabrication.
Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic
For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.
This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company
Its a fairly useless thing to do, next time their routers won't be trusted on BGP route advertisements. Just like Pakistan claiming youtube's ASN and then getting the whole country knocked off the Internet for a couple of hours.
this news item in the new york times suggests that stuxnet was meant for iran, do read in full
Experts dissecting the computer worm suspected of being aimed at Iran’s nuclear program have determined that it was precisely calibrated in a way that could send nuclear centrifuges wildly out of control.
Their conclusion, while not definitive, begins to clear some of the fog around the Stuxnet worm, a malicious program detected earlier this year on computers, primarily in Iran but also India, Indonesia and other countries.
The paternity of the worm is still in dispute, but in recent weeks officials from Israel have broken into wide smiles when asked whether Israel was behind the attack, or knew who was. American officials have suggested it originated abroad.
The new forensic work narrows the range of targets and deciphers the worm’s plan of attack. Computer analysts say Stuxnet does its damage by making quick changes in the rotational speed of motors, shifting them rapidly up and down.
Until last week, analysts had said only that Stuxnet was designed to infect certain kinds of Siemens equipment used in a wide variety of industrial sites around the world. But a study released Friday by Mr. Chien, Nicolas Falliere and Liam O. Murchu at Symantec, concluded that the program’s real target was to take over frequency converters, a type of power supply that changes its output frequency to control the speed of a motor. The worm’s code was found to attack converters made by two companies, Fararo Paya in Iran and Vacon in Finland. A separate study conducted by the Department of Homeland Security confirmed that finding, a senior government official said in an interview on Thursday.
Then, on Wednesday, Mr. Albright and a colleague, Andrea Stricker, released a report saying that when the worm ramped up the frequency of the electrical current supplying the centrifuges, they would spin faster and faster. The worm eventually makes the current hit 1,410 Hertz, or cycles per second — just enough, they reported, to send the centrifuges flying apart.
In a spooky flourish, Mr. Albright said in the interview, the worm ends the attack with a command to restore the current to the perfect operating frequency for the centrifuges — which, by that time, would presumably be destroyed.
This could work if the manufacturer CPU Tech itself is trustworthy. It is impossible to overcome the problem of trust unless one fully controls the hardware fabrication.
You need to own the entire instruction set. That is the only way it can be isolated and become trustworthy
China has created its own set - it looks like that
But it looks like - this Internet diversion is something they are being taught by NSA. They were also part of the echelon network. It looks like some power wants PRC to be their partner for long term
global computer hacking effort: China’s Politburo directed the intrusion into Google’s computer systems in that country, a Chinese contact told the American Embassy in Beijing in January, one cable reported. The Google hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and Internet outlaws recruited by the Chinese government. They have broken into American government computers and those of Western allies, the Dalai Lama and American businesses since 2002, cables said.
JE Menon wrote:Any speculation as to why Stuxnet was in India?
One story going rounds on the web is that the worm targets SIEMENS S7-400 PLC and SIMATIC WinCC SW and many of our R&D establishments are SIEMENS's clients including ISRO.
True, but as far as is known Siemens was not responsible for the worm, so it must have gotten in there either after the sale, or during manufacture. Someone deliberately targeted India. I was wondering if there is any speculation as to why and who.... Anything really.
On July 7, 2010, a power glitch in the solar panels of India’s INSAT-4B satellite resulted in 12 of its 24 transponders shutting down. As a result, an estimated 70% of India’s Direct-To-Home (DTH) companies’ customers were without service. India’s DTH operators include Sun TV and state-run Doordarshan and data services of Tata VSNL.
INSAT-4B was put into orbit in March, 2007 by the Indian Space Research Organization (ISRO), which conducts research and develops space technology for the government of India. It is also the agency which controls and monitors India’s satellites and space vehicles while they are operational.
Once it became apparent that INSAT-4B was effectively dead, SunDirect ordered its servicemen to redirect customer satellite dishes to point to ASIASAT-5, a Chinese satellite owned and operated by Asia Satellite Telecommunications Co., Ltd (AsiaSat). AsiaSat’s two primary shareholders are General Electric and China International Trust and Investment Co. (CITIC), a state-owned company. China and India are competing with each other to see who will be the first to land another astronaut on the Moon. China has announced a date of 2025 while India is claiming 2020.
What does this have to do with the Stuxnet worm that’s infected thousands of systems, mostly in India and Iran? India’s Space Research Organization is a Siemens customer. According to the resumes of two former engineers who worked at the ISRO’s Liquid Propulsion Systems Centre, the Siemens software in use is Siemens S7-400 PLC and SIMATIC WinCC, both of which will activate the Stuxnet worm.
I think ISRO some time later did rule out Stuxnet being the cause of INSAT4B's failure as they clarified that there was no PLC on board the satellite which was being run by any of the SIEMENS SCADA products.
The consensus on the WWW is that someone very resourceful who has knowledge of the industrial PLCs specially the one's run by Windows based SIEMENS SCADA sw are targeted by this worm.
This server was reportedly hosting at least 40 government websites of sensitive nature, including Pakistan Navy, NAB, Ministry of Foreign Affairs, National Assembly, Pakistan’s Military Account, Ministry of Science and Technology, AGP, FAB and others.
Basically!! to me an ideal design would be to have an India Cloud protected by DMZ which is connected to the world Cloud.
So in the Indian cloud we could have many small clouds which are all protected in their realm.
WAN = Wide Area Network.
1. Army, airforce, navy WAN
2. police and judiciary WANs in each state + center.
3. WAN for each of the Central Government Services.
4. WAN for each of the state Government services.
4. Commercial WAN.
Thus even in the case of an attack it is limited to its own area and can be localized and fixed.
The entire set of wikileaks can be downloaded here for those interested.Save it for later.Would be interesting and educational as to how International politics work
48. (S//NF) SCA CTAD comment: According to Defense Intelligence Agency reporting, the Government of India (GoI) continues efforts to advance its computer security programs -- particularly in light of increased concerns over Chinese computer network exploitation efforts -- but progress is hampered by significant disagreements within its departments. The key GoI organizations involved in developing and implementing security policies are identified as the Ministry of Telecommunications and the Research and Analysis Wing. Although the Indian Army is primarily responsible for the security of military networks, Indian officials acknowledge Army representatives have been largely left out of discussions. Additionally, some other key groups, such as the National Technical Reconnaissance Organization and the Indian Defense Intelligence Agency, have reportedly failed to offer significant contributions. Private security companies are also concerned that the lack of input from the private sector may lead to unfair regulations regarding telecommunications monitoring.
To curb this defacing of our websites, we can do a website on a chip idea. My idea is something like this, we have a small single board computer that has two types of memories wired up to the boot controller
1. flash
2. ddram
3. boot rom
The SBC will house a more complex SOC(say an ARM 11 or more advanced processor)
The processor's memory map will be configured to have read only memory which is mapped to the flash and read-write memory area wired to the ddr.
The sbc will also run a digital signature check saved in the boot rom on all the content being displayed every 0.5s. This content will include content from flash + ddr.
The flash once programmed will be locked and can be unlocked for updates by the Admin who can program it via another system on the network connnected to this system via a USB, the other computer ofcourse is not connected to the internet.
This way we can have some amount of dynamic content and lots of static content that wont change
Indian Cyber Army claims to have defaced Oil and Gas Regulatory Authority site of the neighbouring country. Now after a group of Pakistani hackers, Predators PK, defaced the Central Bureau of Investigation (CBI) website, India's cyber warriors have retaliated by damaging the Oil and Gas Regulatory Authority (OGRA) of Pakistan website among others.
Indian Cyber Army (ICA), powered by indishell.in, carried out a mass defacement operation on key Pakistani websites "to pay homage to the martyrs of the terror attacks" on the anniversary of 26/11.
"PCA has done no great job. They attacked very soft targets and such vulnerable websites are floating around all over the web," said an Indian hacker on the condition of anonymity.
The official website of the Central Bureau of Investigation, which was recently hacked by unknown persons calling themselves 'Pakistani Cyber Army,' remains inoperative even after one week.
The National Informatics Centre that manages the official websites of the government of India [ Images ] and state governments had boasted to put back the CBI website up and running within 24 hours of the attack on Friday last. Its engineers, however, admitted on Thursday that the hackers not only defaced the site, but destroyed all the data mounted by CBI on the NIC server, and hence it is taking much longer time to put back the data one by one.
All that they could do last Saturday was to make the website cbi.nic.in inoperative to stop the viewers' access to the hackers' messages like 'Long life Pakistan' and why they resorted to take over India's top investigating agency's website.
So they had access to the files and i wonder what all files they had hosted and what all did the hackers downloaded
All that they could do last Saturday was to make the website cbi.nic.in inoperative to stop the viewers' access to the hackers' messages like 'Long life Pakistan' and why they resorted to take over India's top investigating agency's website.
I have often come across Chinese who cannot distinguish between noun and verb...
The website of the Central Bureau of Investigation, India’s premier investigation agency was hacked by the Pakistan Cyber Army. The website had the message from the PCA that this was being done to avenge the hacking of Pakistan government websites by the Indian Cyber Army.
The message on the CBI website also mock the agency for the lack of security and also questioned the manner in which the National Informatics Centre had put in place the security to safeguard government websites.
Immediate measures have been taken to rectify the problem since the website of the CBI is not only connected to all police stations in the country, but also directly linked to the Interpol. There is heavy damage control exercise which is on at the moment since there is crucial data on this website. The data contains records of wanted criminals and terrorists and this information is linked with the Interpol.
The attack comes close on the heels of a major warning by intelligence agencies that Indian government websites will come under severe attack by Pakistan based hackers. The IB had warned that Pakistan would launch a major cyber war and this could be a continous process and immediate steps had to be taken to secure our servers and websites.
The Pakistan Cyber Army which is the most lethal of the three Pakistan based hacking groups claims to have come into force after their websites were hacked. They say that the Indians had hacked into Oil and Gas Regulatory website in Pakistan. In an immediate retort they hacked into the website of the Oil and Natural Gas Corporation.
India has been trying to put in place its own set of hackers. The core job of this group would not be to hack into websites of other countries, but to secure hackers from other countries from entering into our sites.
Currently India has a set of hackers who have capabilities, but the problem is that there is a need for a government clearance to get them to do the job legally. The advantage that a PCA has is that they enjoy the support of security agencies and hence they appear to be in a stronger position today. The IB says that it is not sufficient to rely on the government machinery, but experts from the private sector need to be brought in to secure Indian websites.
Experts point out that there is a need to put in place a dedicated cyber army to protect India’s websites. We have seen many attacks in the past and we should consider ourselves lucky that no serious damage has been done as yet. At the moment they only want to show that our system is weak and it is more of a game for them.
Three days gone and the website of the Central Bureau of Investigation is still down. When queried about the same, the answer was work was still on and more importantly the investigation was on in full swing.
It is an established fact that the hacking of the CBI website was the handi work of the Pakistan Cyber Army. Looking back at this attack there are many points that come to light and cyber security experts point out that the most disturbing of all the facts on the cyber security front is that the government of India is yet to notify a large number of sensitive websites as protected systems.
The amendment to the Information Technology Act made a provision for the government to notify all sensitive sites under it as protected systems. Under this provision, a mere attempt to access a protected system would invite a jail term of up to ten years. This would not deter a Pakistani from hacking the website under the classification of a protected system, but within the country the systems would be much more secure.
Pavan Duggal, an expert on cyber security tells rediff.com that most of the highly sensitive websites in India which are under the government ofIndia are not notified as protected systems. The IT act says that any person trying to even access the site under this category will imprisoned for ten years. The fact that the government has not done this despite the act being in place for nearly two years only speaks about the seriousness in fighting cyber crime.
The attack on the CBI site brought into question an important fact whether India has its own Cyber Army. India does have a set of ethical hackers who are meant to protect our systems. However there are a lot of issues that surround this and one ethical hacker who did not wish to be named pointed out the following problems that they face.<
He says that they do not enjoy the patronage of the government. The much needed security that they ought to have has not been provided by the government. This is in total contrast of the Pakistan Cyber Army which enjoys the complete patronage of both the Government and the ISI.
In addition to this some of the ethical hackers in India who were supposed to work for the government have complained about too much police interference. Very recently there was an incident in which the police had issued a couple of directions to the ethical hackers. These persons say that they were upset with this kind of interference and they should not be told how to go about their job. This kind of kills our motivation and we feel that our own system is against us. Our job requires precision and a lot of dedication and at times we would suo motu indicate the problems faced by the Indian systems. However there was not much reaction to this and we have been clearly told that we need to work when we are asked to work.<
Duggal points out that there are plenty of ethical hackers in India. However we do not have a cyber army in that sense of the word. It is high time that India thinks in that direction in order to act pro actively to protect our sovereign interests.
Look at the case of the CBI website. It has been four days and it is still not up when it should have been done in three hours time. The message we have sent out is loud and clear that we lack a pro active national cyber strategy on cyber crime. Moreover the Pakistanis have exploited our security loop holes and we are only showing how weak we are by undertaking the restoration process so late.
The Intelligence Bureau on the other hand has been constantly warning against such attacks. It has been more of a challenge this time, but there could well be a situation where our crucial data is accessed. A fully functional and dedicated cyber army is very much required and it should comprise IT professionals. It is more important that they constantly work towards securing our web sites than hack into systems of our neighbouring nations.
Meanwhile the Defence Research and Development Organisation (DRDO) says that it is developing a mechanism to make websites hack proof. The DRDO pointed out that cyber security is a major concern for national security and feels that they could develop hacking proof devices.
