8/7/2019 Web Security-Inside the Indo-Pak Cyber Wars

1/1

attacks. Indian intelligence agenciesbelieve some of these hackers wereco-opted by Pakistani intelligenceagencies. Internet security analystssay attacking over 1,000 websites onboth sides of the border could nothave been attacked without months ofcoordination, preparation and apainstaking study of website vulnera-bilities. Government involvement incyber-skirmish cant be ruled out, asneither countries have tried to findout who their respective cyberarmies are, says Rakesh Goyal, MD,Sysman Computers Pvt Ltd.

Across the world, cyber armiesform adjuncts of security forces andare used to wage war by other means.Attacks look like Distributed Denial ofService (DDoS) attacks, such as thoseused by Russian hackers to paralyseEstonian and Georgian national cyberinfrastructure through sustainedattacks. Late last year, the Stuxnetvirus attacked computers at anIranian nuclear plant. The worm was

believed to be deployed by Israel andthe US, leading Iranian authorities toclaim that an electronic war hadbeen launched against Iran.

Even as the CBI functioned withouta website for nearly a month, Indianhackers rallied around. They attackedthe Oil and Natural Gas RegulatoryAuthority (OGRA), Pakistans equivalentof Indias ONGC. When Pakistaniauthorities put up a mirror website, itwas attacked and defaced again in fiveminutes. The OGRAhack was simply aresponse toCBIs website hacked by thePCAand we wouldnt have stretchedthese attacks against Pakistani web-sites, said an ICArepresentative.

The war quickly spilled out of cy-berspace and brought in the govern-ment. A multi-agency meeting calledfor by Minister of State for Communi-cations and Information TechnologySachin Pilot rapidly got into a finger-pointing exercise between variousagencies such as the CBI, NTRO and NIC.It only illustrated how responsibility is

diffused among agencies defendingIndias IT infrastructure. A report bythe Indian Computer EmergencyResponse Team mandated securityaudits for all government websites.The IT ministry that maintains gov-ernment websites expressed its dis-approval of the NTRO operation. TheNTRO should be building up our cyber

espionage capabilities and not expos-ing themselves through such frivolousattacks, says a senior government of-ficial who did not want to be named.

TheCBIwas prepared to put out anInterpol Red Corner notice against theunknown Pakistani hackers who haddefaced its site. It desisted only whenadvised by the intelligence agenciesthat the Pakistanis could put out asimilar notice for Indian hackers.Word of this appeared to have quicklyfiltered down to the hackers. Wemade internet blog entries requestingboth sides to call for a truce, toprevent a government crackdown,says Dhruv Soi, director with a Delhi-based cyber security forum.

The attacks from Pakistan mayhave embarrassed the Governmentbut it is gearing up for a larger threatfrom the Chinese cyber army. WhilePakistani hackers may have scoredpolitical points with website deface-ments, Chinese hackers are adept atcyber espionage. In 2009, Chinesecyber spies hacked 450 governmentcomputers, including those of theNational Security Adviser (NSA),deputy NSA, and the three armedforces, stealing sensitive information.A recent meeting chaired by PrimeMinister Manmohan Singh involvedstakeholders from the armed forces,intelligence agencies and DRDO in pro-tecting cyber security. The Govern-ment is earmarking Rs 15,000 crore toset up a National Cyber Command toprotect Indian cyberspace. The firstIndo-Pak cyber war ended in a trucebut the warriors on both sides sit withtheir fingers poised on keyboards. Westill own many servers of Pakistan andare prepared to respond to any attackfrom the PCAor any other Pakistanihacker group, says Disfigure fromthe ICA. Clearly, the last digital salvohas not been fired yet.

Rival intelligence agencies ofIndia and Pakistan recentlywaged a proxy cyber warusing hired hackers. The

battle, already being called the firstIndo-Pak cyber war on the Internet,pitted an Indian Cyber Army (ICA)against the Pakistan Cyber Army(PCA). The war erupted on November26, 2010, the second anniversary ofthe 26/11 attacks in Mumbai, when theICAattacked 870 Pakistani websites.

These attacks were primarily

web defacements and gaining controlover websites. Hackers penetratedthe root directory of websites byexploiting loopholes and defacing itby replacing the home page. Amongthe targets were 34 Pakistani govern-ment websites, including the sites ofthe navy, maritime security agency,foreign ministry, economic affairsministry and the chief minister ofSindh. Visitors to these portals onlysaw a terse missive: Hacked by theIndian Cyber Army. Our objective oflaunching cyber attacks was to payour homage to the martyrs of 26/11,an unnamed ICArepresentative latertold website Hacker Regiment.

Government sources, however,say the attacks were planned andcoordinated by Indias technical intel-ligence agency, the National TechnicalResearch Organisation (NTRO).A covert NTRO division, the informa-tion warfare group, uses hackers foroffensive cyber operations. Pakistansintelligency agency ISI, too, is believedto have recently recruited hackers foroffensive attacks. On December 3, the39th anniversary of the 1971 Indo-Pak war, 270 Indian websites were si-

multaneously attacked. The worst hitwas that of the CBI. We are sleepingbut not dead. RememberPCA? Back offkids or we will smoke your doors offlike we did before, said a messagefrom Pakistani hackers on thepremier investigation agencys portal.

It took the CBI nearly a month torestore its website because the entiresoftware had to be tested and revali-dated. The Department of Infor-mation Technology discovered thatPeshawar-based hackers had enteredthe website through an Indian AirForce website. Both sites shared acommon database, a security lapsewhich proved to be their undoing.

The problem is that most govern-ment websites have poor security fea-tures and hence, vulnerable to suchattacks, says Sanjay Pandey, CEO ofiSec services. Hackers on both sideshave indulged in sporadic attacksagainst each other ever since Pakis-tani hackers famously disfigured thewebsite of Bhabha Atomic Research

Centre after the 1998 nuclear tests.The ICAand PCAwarriors hide behindnom de guerres such as Zombie andDisfigure, and are thought to beyoung IT professionals. With the firstIndo-Pak cyber war, the rivalry has be-gun taking the contours of organisedcyber warfare, with the the ISIandNTROstepping in to mobilise the hackers.This is because the anonymity ofcyberspace lends itself naturally toplausibly deniable cloak- and-daggerintelligence operations.

Hacking and web defacements arecriminal activities punishable undercyber laws of both the countries. Lastyear, Pakistans Federal InvestigationAgency busted a cyber crime gangPakbugs that specialised in phish-ing, or scooping personal credit carddetails from Internet users, and webdefacements. Ahmad Hafeez fromLahore was charged with 480 deface-ments and Pakbugs co-founderHassan Khan, from Peshawar, wasaccused of involvement in 8,697 such

MARCH 21, 2011 INDIA TODAY 5958 INDIA TODAY MARCH 21, 2011

Nation WEB SECURITY

INSIDE THE INDO-PAK CYB ER WARS

By Sandeep Unnithan

The proxy war fought by the

intelligence agencies using

hackers has now movedinto a different dimension

SAURABH SINGH/

www.indiatodayimages.com

Theproblem isthat mostGovernmentwebsiteshave poorsecurity

featuresand arehence vulnerable to suchcyber attacks.

Thepossibleinvolvementof govern-ments cantbe ruled outas neithercountrieshave tried tofind out who their respective

cyber armiesare.RAKESH GOYAL,

MD, Sysman Computers Pvt Ltd

SANJAY PANDEY,

CEO, iSec services

THE DEFACED HOME PAGES

OFCBI (LEFT) AND OGRA