
Information Security News: China mounts cyber attacks on Indian sites


From: InfoSec News <alerts_at_infosecnews.org>
Date: Tue, 6 May 2008 03:37:41 -0500 (CDT)

http://timesofindia.indiatimes.com/China_mounts_cyber_attacks_on_Indian_sites/articleshow/3010288.cms

By Indrani Bagchi
TNN
5 May 2008

NEW DELHI: China’s cyber warfare army is marching on, and India is
suffering silently. Over the past one and a half years, officials said,
China has mounted almost daily attacks on Indian computer networks, both
government and private, showing its intent and capability. (Watch:
‘China's cyber intrusion a threat’ [1])

The sustained assault almost coincides with the history of the present
political disquiet between the two countries.

According to senior government officials, these attacks are not isolated
incidents of something so generic or basic as "hacking" — they are far
more sophisticated and complete — and there is a method behind the
madness.

Publicly, senior government officials, when questioned, take refuge
under the argument that "hacking" is a routine activity and happens from
many areas around the world. But privately, they acknowledge that the
cyber warfare threat from China is more real than from other countries.

The core of the assault is that the Chinese are constantly scanning and
mapping India’s official networks. This gives them a very good idea of
not only the content but also of how to disable the networks or distract
them during a conflict.

This, officials say, is China’s way of gaining "an asymmetrical
advantage" over a potential adversary.

The big attacks that were sourced to China over the last few months
included an attack on NIC (National Informatics Centre), which was aimed
at the National Security Council, and on the MEA.

Other government networks, said sources, are routinely targeted though
they haven’t been disabled. A quiet effort is under way to set up
defence mechanisms, but cyber warfare is yet to become a big component
of India’s security doctrine. Dedicated teams of officials — all
underpaid, of course — are involved in a daily deflection of attacks.
But the real gap is that a retaliatory offensive system is yet to be
created.

And it’s not difficult, said sources. Chinese networks are very porous —
and India is an acknowledged IT giant!

There are three main weapons in use against Indian networks — BOTS, key
loggers and mapping of networks. According to sources in the government,
Chinese hackers are acknowledged experts in setting up BOTS. A BOT is a
parasite program embedded in a network, which hijacks the network and
makes other computers act according to its wishes, which, in turn, are
controlled by "external" forces.

The controlled computers are known as "zombies" in the colourful
language of cyber security, and are a key aspect in cyber warfare.
According to official sources, there are close to 50,000 BOTS in India
at present — and these are "operational" figures.

What is the danger? Simply put, the danger is that at the appointed
time, these "external" controllers of BOTNETS will command the networks,
through the zombies, to move them at will.

Exactly a year ago, Indian computer security experts got a glimpse of
what could happen when a targeted attack against Estonia shut that
country down — it was done by one million computers from different parts
of the world — and many of them were from India! That, officials said,
was executed by cyber terrorists from Russia, who are deemed to be
deadlier.

The point that officials are making is that there are internal networks
in India that are controlled from outside — a sort of cyberspace fifth
column. Hence, the need for a more aggressive strategy.

Key loggers are software that scans computers and their processes and
data the moment you hit a key on the keyboard.

This information is immediately carried over to an external controller —
so they know even when you change your password. Mapping or scanning
networks is done as a prerequisite to modern cyber warfare tactics. MEA
has a three-layered system of computer and network usage — only the most
open communication is sent on something called "e-grams".

The more classified stuff uses old-economy methods — ironically,
probably the most secure though a lot more time-consuming. The same is
true of other critical areas of the government. But the real gap inside
the national security establishment is one of understanding the true
nature of the threat.

National security adviser M K Narayanan set up the National Technology
Research Organization, which is also involved in assessing cyber
security threats. But the cyber security forum of the National Security
Council has become defunct after the US spy incident. This has scarred
the Indian establishment so badly that it’s now frozen in its
indecision. This has seriously hampered India’s decision-making process
in cyber warfare.

[1] http://broadband.indiatimes.com/videoshow/3010795.cms

Received on May 06 2008
