Cyber war and the never ending threat

Photo courtesy: http://4.bp.blogspot.com/

We are by now well aware of the kind of security risk posed by terrorists using the internet. Aditya Mishra, who spoke recently at the International Conference on Mobile Law at New Delhi, explained at length how the internet and internet telephony have become a cause for concern for security agencies.

The United States of America has a similar concern, and very recently FBI Director Robert Mueller also suggested that cyber security threats could very soon become bigger threats than terrorism.

When one looks back at the 26/11 attack, we realise that India was lacking when it came to curbing the run-up to the attack, which was largely carried out through the internet. Right from the stage of planning to the financial transactions, everything was carried out on the internet and our agencies were clearly in the dark all through the operation. Mishra explained during the conference how VoIP was used during the 26/11 attack. He said that the terrorists used a VoIP-based service in New Jersey, USA. Callphonex got an email from a mail id, kharak_telco@yahoo.com, on 21st October 2008, from Kharak Singh from India, for starting a VoIP account. “To activate this Callphonex VoIP account, an initial payment of $250 was made by a Mohammaed Isfaq through a Lahore based agent, through Money Gram. A Virtual number 0012012531824 was allotted by Callphonex, and it is the property of a Voxbone, a Belgian company, and was leased out to Callphonex, and a request was changed for allotment for 5 DID numbers (Direct Inward Dialers).” The calls are supposed to be coming for the virtual US number, but they go to the five Austrian DID numbers, which are all virtual numbers, albeit mobile numbers.

India has now become fully aware of the problem and realises that it needs a full-fledged agency to counter this menace. India feels that its problems in cyber space would be solved to a large extent once the National Cyber Coordination Centre is set up. The job of this centre would be to monitor all activity in cyber space and then report it to the investigating agencies.

India today finds itself a victim of both cyber attacks and cyber terrorism. Police officials say that despite very stringent measures, the web would be the worst place for them to deal with, since terrorists would continue using it and finding ways to beat the security system. The Indian agencies would look to adopt the FBI style of functioning, where they would not only pick up intercepts but also identify patterns and the players indulging in cyber crime. This would go a long way and would help identify the trail so that cracking or even preventing the case would become easier. In addition to this, the Indian agencies also expect very strong legislation to support their case. The proposed National Cyber Coordination Centre threatens to invade privacy, as it is intended to monitor each and every mail, tweet or Facebook update remotely connected with India. Indian agencies hope that the government would be able to overcome certain privacy issues so that all the time is not consumed fighting a legal battle.

While the 26/11 styled attacks and the use of the internet would gain top precedence for Indian agencies, they also have headaches posed by the home-grown terrorist outfits. The Indian Mujahideen in particular has been notorious for using the web space and has very often managed to fox Indian agencies.

Cyber experts say that the internet has become the most preferred medium for terrorists. Not only have they been planning operations on the net but also use the information available on it to their advantage. In cases of terrorism, the internet has provided real time information which has helped these terrorists plan their next move and also change their location. The agencies are trying to find a way to regulate the flow of content on the web which could prove fatal to investigation. The net was often accessed on the cell phone by the Indian Mujahideen operatives and they had picked up information on the police investigation real time which helped them plan their next move. Some police officials say that most of the time the flow of news at such a fast pace helped these operatives give them the slip.

The Delhi police which has been investigating several crimes committed by the Indian Mujahideen found that it was the internet which helped these persons a great deal. The operatives are said to have confessed to using their cell phones to access the web. They were trained to use key search words regarding the case on hand and they moved around avoiding arrest based on the information which the police were feeding to the press.

The Delhi police officials said that the use of this tactic helped them evade arrests for quite some time. There is a need to regulate the information that is coming out of the various

Real time info- Will it stop the Cyber Terror wave?

Cyber terrorism is becoming India’s biggest concern, and if one looks at the laws in place today, it is clear that our approach has been more reactive than preventive. Now the government of India has proposed to bring about a law that would make it mandatory for internet firms and intermediaries to provide real time information to security agencies in a bid to prevent a cyber strike by terrorists.

Indian agencies have often been caught off guard in the lead up to a terror strike as they do not have access to real time information about what is happening on the web space. Had Indian security agencies been given this information, a lot of terror strikes could have been prevented. As the agencies point out, the crux of the problem begins with the internet, and all the planning these days takes place on the web space. The use of mobile technology, which was extremely high a couple of years back, has taken a back seat thanks to better mechanisms in place which track conversations with much ease.

The Intelligence Bureau has suggested that it needs to have access to real time information pertaining to terrorism cases. The planning can be tracked with much ease and our response could be preventive rather than reactive, the Intelligence Bureau feels. The case of David Headley is a very good example to show why India would need real time information regarding terror suspects. Today the NIA can only seek further information about what has already happened. While this would help from the prosecution point of view, the fact of the matter is that the damage had already been done. Had India had access to real time information from service providers or internet firms, they could have possibly prevented a huge attack such as 26/11.

While India studies the pros and cons of bringing about such a law, Cyber security expert Pavan Duggal explains the following. This proposal is emerging out of the need to tackle issues concerning national security in real time. Traditionally our approach has been more reactive in nature. It is only once an incident takes place that we investigate. By seeking real time data the government wants to be on par with pro effective efforts to stop or prevent on national security. Currently we have the IT Act of 2000 which has been amended in the year 2008. According to the amendment all service providers have been mandated to provide information as and when asked by the government of India. However the scope is not clear in terms of real time data and hence there is a dire need to come up with a new legislation or legal provision which can help the government seek real time data from these service providers of internet firms.

In the recent past, what Indian agencies have found is that the use of the web space has gone up tenfold. Apart from sending out mails to communicate regarding a terror strike, there have also been instances when terrorists have saved messages in their drafts in a bid to dodge being tracked. If the proposed law comes up, then suspects could be placed under the scanner and their activities tracked in real time. It cannot, however, be considered a foolproof method, but there would be a fear among such persons that they are being constantly monitored.

For terror organisations it is very important that they go through the initial part of the operation without being noticed. If the proposed law falls in place then it would act as a deterrent to them. The new law which is being considered would not only help agencies track the planning but would also help them keep a check on other activities the most important of them being fund transfer. During a lull, terrorist groups continue to transfer funds and also carry out recruitment activities through the internet. This new law could help prevent such activities as well.

India today is probably very high on the security risk map where cyber terror is concerned. This has even been recognised by the European Union, which recently invited India to take part in the cyber security and crime project. This project would require India to take part in an exercise which would involve counter terrorism in cyber space.

While India would need time to study the pros and cons of such a new law, the biggest challenge would again be in respect to privacy. There is a careful need to study the law before bringing it out in the open. Duggal adds that the only problem would be that this law should have adequate safeguards to prevent a misuse by the government and security agencies. There needs to be a line drawn and the government should not seek real time data on each and every individual. There is a need to balance out the information being sought on suspects and also a need to protect the privacy and civil liberties of the ordinary citizen. There ought to be a proper monitoring committee and a set of guidelines that need to be followed just like in phone tapping cases before a requisition could be made to the internet firm to provide real time information on any person. Only once the committee are convinced should a go ahead be given to seek such information.

Meet the logic bomb

A week ago, three techies who work in Bangalore created quite a scare when they disabled the Common Use Passenger Processing System (CUPPS), which led to flight delays at the Indira Gandhi International Airport.

The three techies, who are residents of Delhi but work at Bangalore, crippled the system with a technique known as logic bombing. The three, one of whom is a woman, are today out on bail even as the Central Bureau of Investigation continues to probe the matter.

At first it was being construed as a terrorist attack, but investigations have now made it clear that these persons were demanding higher wages, and when they were refused they resorted to this attack known as logic bombing.

This is an embarrassing case for the Central agencies since all the employees work in an IT firm which is sponsored by the Central Government. Moreover, these persons were also involved in the project to set up the Common Use Passenger Processing System which was installed at Terminal 3 of the airport in New Delhi. They had been demanding higher wages, and when they were denied they decided to disable the CUPPS, as a result of which all passengers had to be checked in manually instead of through the automated check-in which was possible with the help of CUPPS.

At first there was panic in the airport and it was believed that the attack was carried out by some terrorist groups. However, after a thorough investigation and raids on the houses of the three accused, the truth came out.

Although not a terrorist attack per se, investigators say that this amounts to cyber terrorism, and as per the provisions available under the IT Act of 2008, they could face up to 7 years of imprisonment if proven guilty.

An investigating officer pointed out that this was done on a very personal level but did cause a lot of hardship for passengers. It needs to be taken very seriously since it sets a wrong precedent, as terror groups would surely try to attempt something similar. A delay in the flights would mean a hit on the economy, something that terrorist groups would always want to do. However, if terrorists were to use a logic bomb in a particular situation, they would ideally require an employee to trigger it.

Also known as slag code, this bomb can be triggered mainly by insiders in a company. One would first have to be involved with the programming; only someone who has proper access and knows how a particular programme works can trigger a logic bomb.

Although it is not classified as a virus, it does something similar. A logic bomb is a piece of computer code which, once triggered, carries out a destructive activity such as destroying a hard drive. Apart from wiping out the hard drive, it could also be programmed to carry out specific tasks, and the investigations into the Delhi case would show that it was meant only to hit the CUPPS, as that would cause delays due to manual check-ins.

The history of the logic bomb would go on to show that it is something that is used only by disgruntled employees. It is a concept that has been devised in the IT world, and normally employees use this concept to wipe out data. In most of the cases the logic bomb has been used to cause negative triggers.

The Delhi incident clearly points to an inside job considering the history of the slag code and the manner in which it has been used in the past. Moreover, the security system at Delhi was also found lacking, thanks to a lack of checks and balances. In bigger setups it is often recommended that there is constant monitoring so as to check whether there are newer objects entering the system. Investigations would show that there was no proper check and balance, which made the job of the trio much easier.