Manipulations in cyberspace
Closely allied to cyber intrusion to procure information is the war to disable websites which are critical to the lives of nations and their citizens. More than the former, it is the latter phenomenon that should be a cause for concern to all of us.
R.K. Raghavan
A leading national newspaper has carried a sensational news item regarding a former Prime Minister on what he allegedly did very much before he assumed office. This is based on a leak of one of the so-called Kissinger cables. We are not concerned here with the veracity of the charge, something that, I am sure, will be furiously debated every waking hour until 2014 when we elect our new masters.
The point most relevant to me is that the revered daily that has carried the screaming headline claims that its scoop is the product of its "investigative collaboration" with the infamous WikiLeaks, which specialises in unfolding historic events showing governments and individuals in high places having been privy to dubious transactions. The information hacked out of sensitive U.S. government websites by WikiLeaks is mostly from State Department cables, a minefield of information and revelations.
No-holds-barred race for grabbing information
The kind of credibility that the anonymous group of hackers (who are behind WikiLeaks) have acquired should send shivers down the spines of decision-makers all over the globe. What is interesting and significant is that facts so obtained seem to pass muster even with the traditionally conservative users and purveyors of information.
These papers have shown an appetite for news from unusual sources, a development which means that there is now a universal, rapacious and no-holds-barred race for grabbing information from wherever it is available. This competition has lent respectability to a pursuit of news which would have been frowned upon until a decade ago as unethical. We are yet to forget the unsavoury episode two years ago of the hacking of cell phones in the U.K. by a newspaper to give credibility to a crime story.
Not surprisingly, government websites are the much sought-after targets because it is governments which have to resort to cover-ups all the time for sheer political survival. This is confirmation, if one was needed, that the Internet is no longer a safe medium to communicate, especially when famous personalities and their peccadilloes are under scrutiny. It is especially dangerous when you use it for fulfilling your venal desires.
It is now an open secret that hackers by the hundreds are on the prowl, and you must always be on your guard. These plunderers are loose cannons who would not spare even the holiest of cows. Some of them are merely adventurous. The others are downright commercial, peddling exciting information for money. There is, therefore, a constant battle of wits between those who want to protect and hide information and those who want to unveil it.
An undeclared war between two major groups
The long-predicted cyber terrorism is still an academic concept. Attacks against critical infrastructure such as air traffic control and power and water supply have still not happened on a dimension that could be forbidding. Otherwise, there is everything else to indicate that cyberspace will be exploited ruthlessly to settle scores between nations.
An undeclared war in cyberspace is now being fought between two broad groups, reminiscent of the cold war years. On the one side are the perceived victims, who are mostly Western nations. South Korea, Israel, Saudi Arabia and India are also fellow-victims because of their close relations with the West, especially the U.S. Arrayed against them are Russia, China, and North Korea.
Iran is a recent entrant to the club, and is said to be slowly acquiring the prowess to cause damage to Israeli networks. Its might was revealed in an attack last year against what is described as the world's largest oil producer, Saudi Aramco, when data on 30,000 computers was erased and substituted with the image of a burning American flag.
Reports of hacking of several Israeli government websites last weekend fit in with the analysis that the country's sworn enemies will continue to target its installations, both on land and in cyberspace.
Pakistan is one of the lesser members of this infamous club. Its main objective is to annoy India. Because of its limited knowledge and resources its impact in this game has been minimal.
Chinese hand in every cyber transgression
Dominant in the global cyber conflict scenario is the overwhelming suspicion against China. The latter has vehemently denied any involvement in episodes in which investigation by experts in cyber security had traced back sources of attack to Internet Protocol (IP) addresses belonging to some Chinese cities, especially Shanghai.
The White House, paranoid about the Chinese hand in every cyber transgression, has gone to the extent of providing a list of suspect addresses in that country to Internet Service Providers (ISPs) in the U.S. Some information culled out from intensive research has actually pointed fingers at the People's Liberation Army (PLA). Information is so specific that a Unit 61398 of the PLA located in Shanghai's Pudong district is mentioned as the culprit.
A Chinese network, GhostNet, was mentioned by Canadian researchers a few years ago as having been behind the compromise of some Indian networks. The Pakistani hand in the defacement of some Indian official websites from time to time has been rightly dismissed as an amateurish attempt to cause discomfiture to us. Nevertheless, we need to keep a close watch.
Significant is the fact that it is not government machinery alone that is the target. Private commercial establishments, especially leading banks, have suffered great dislocation and loss of reputation in the past few years.
Last month there was a calculated offensive against the American Express computer network that lasted two hours, during which its lawful customers were denied access. Known as a Denial of Service (DoS) attack, this has become the favourite weapon to disrupt commercial routine on any busy day.
Targeting commercial establishments
The technique is to flood the targeted network with an unusual number of requests for service from one or more computers at any particular point of time, so that legitimate customers are unable to get through with their transactions.
A few months ago the same miscreants were known to have been responsible for bringing down the websites of JPMorgan Chase, Wells Fargo and the Bank of America. The group involved called themselves the Izz ad-Din al-Qassam Cyber Fighters, a suspected alias for Iran.
In the attack last month against South Korea, inspired mostly by North Korea, the targets were banks as well as TV networks. More than 30,000 computers were affected in the process. According to some experts, the recent offensive was much more sophisticated than the ones a few years ago, indicating that technology is being grossly misused for crime and that defensive arrangements were unable to match or repulse the raiders.
How does one cope with these increasing signs of disarray in cyberspace? Both the U.S. and U.K. governments have shown extreme sensitivity to the problem. Their focus has been mainly on enhancing transparency in the sharing of information and expertise with the private sector. A "Secure Facebook" concept has been aired to facilitate a real-time exchange of information.
New Delhi has made some noises that suggest an inhibition-free collaboration with the U.S. This is as it should be. What is dismaying is the reluctance to share information on incidents that show vulnerabilities of our more important networks. Both the government and the private industry are guilty of this lack of vision.
We need to learn from our mistakes and proven gaps in cyber security. Till this happens we cannot proclaim to the rest of the world that we are cyber savvy and progressive.
The writer is a former Director of the CBI
Saturday, April 13, 2013
Posted by Professional Matters at 8:02 AM