Sunday, February 25, 2024

Spurt in attacks on Indian websites

Cyber attacks against Indian websites have increased exponentially in 2013, despite the government supposedly building a credible cyber defence system.

According to confidential reports by CERT-In (Indian Computer Emergency Response Team), 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June and 1,808 in May.

An overwhelming percentage of these attacks occurred in the .in domain, whose servers are in India – 80% in June and over 60% thereafter.

The .in domain appears particularly vulnerable to attacks. Of the 2,380 Indian websites that were defaced in July, 1,511 were on .in domain and in June the number stood at 2,296 sites.

The top defacers India is battling are SA3D HaCk3D, h4x0r HuSsY, SanFour2S, BD GREY HAT HACKERS, Suwario, SpyDy, hasnain haxor and CouCouM, among others.

The attacks cover both public and private sector entities, thought the former are more vulnerable, and more dangerous for national security, because these also cover India’s critical infrastructure.

These hackers’ modus operandi include stealing passwords or “sniffing”, injecting codes that attack data driven applications, active eavesdropping, called “man in the middle attacks”, web shell uploading etc.

Essentially, all these techniques are used to scoop up information and then control the activities of the site.

In commercial sites, the danger is in the area of industrial espionage. In critical infrastructure, these attacks can have huge national security consequences.

In May 2013, the Cabinet cleared an ambitious cyber security architecture. But sources said there was negligible progress, even as attacks on India’s critical infrastructure increased in complexity.

The National Security Council Secretariat (NSCS) under deputy NSA (national security advisor) Nehchal Sandhu was supposed to create three centres of excellence on encryption and public policy.

But despite logging numerous meetings on the issue, sources said there was little progress.
The NSCS was supposed to do other things as well — create a testing infrastructure, build a threat intelligence system, invest in research and development on cyber security and build a cadre of cyber security professionals — India has under 600 such as compared to 1.25 lakh in China and almost 1 lakh in the US.

The government cleared the post of a cyber-coordinator whose job it would be to integrate all the different strands of cyber defence policy.

That has not been announced because top bureaucrats are believed to be in a silent internecine battle. Sandhu was himself a top intelligence operative before becoming deputy NSA.

India’s new architecture, unveiled by NSA Shivshankar Menon, sounds grand. It envisages interconnected set of organizations in key departments such as NTRO, defence and home ministries, while CERT-In remains the umbrella body to oversee cyber protection.

A key aspect of the architecture is that the government will work with ISPs (independent service providers) to oversee metadata of Indian users but not mine the data.

Menon had flagged a set of recommendations for government-private sector collaboration on cyber security last October and that forms the basis of the new architecture.

The government is also keen that Indian companies develop indigenous security software because they feel foreign-origin software is compromised.

But Indian companies have still not been able to master the kind of code-writing expertise that is seen in the US and Russian cyber entities.

More articles