How a warning about ShadowPad, Red Echo saved the national power grid from being hacked

New Delhi, Mar 02: CERT-In, India’s cyber security agency, had in November detected ShadowPad malware, one of the largest supply chain attacks. On November 19 the agency alerted the national power grid operator and its regional units about the malware and the hacking attempts being made.

The National Critical Information Infrastructure Protection Centre had on February 12 warned about Red Echo, a Chinese state-sponsored actor group. The warning stated that the group was trying to break into the grid control systems. It was further learnt that the IPs in the Red Echo and ShadowPad instances matched, following which a list of the IPs and domains was sent out.

Grand chase: How India and 7 nations retrieved $171 million hacked from a bank

In July 2016 a massive hack of $171 million was reported at a bank in India. It took just a couple of days for the best minds in India to retrieve all the money. It was an investigation that involved seven countries, and in just six days' time all the money was retrieved.

86959 websites hacked in 3 years

86959: this is not just a number. It is the number of Indian websites that were hacked between 2011 and 2014. Overall it is an indicator that the problem of cyber crime in India is a very serious one, and with terrorist groups dancing around on the internet the issue becomes even bigger.

While there are incidents reported on the border each day, there is an all out war that India fights on a daily basis against the various cyber terrorists based across the world. Our biggest fight is against the Chinese and the Pakistanis who have chosen to target Indian websites in a bid to either seek out information or just to embarrass.

High crime rate, low on convictions:

The worrying part of the above-mentioned number is that these hacks were not committed just on private sites. A good number of government sites were part of the attacks as well. In the past three years we have seen sites of the defence forces and the CBI, among other important sites, being hacked. The Indian security agencies have booked nearly 1487 cases in the past three years. The worrying part of this entire issue is the conviction rate, which according to statistics is at 10 per cent. Speaking to several officers in the cyber crime wings in the country, one gets the picture as to why this rate of conviction is so low. Most of the servers are based in the United States of America, and getting information has been extremely slow. In fact, in some cases of social media accounts or emails being hacked, the information that India has sought has been pending for nearly 10 years. This hurts the prosecution a great deal, as a result of which the conviction rate is so low.

DRDO hack- Time to look within

Around 50 computers of the DRDO were hacked and there is a good possibility that some crucial information could have been compromised. While the finger is always pointed towards a foreign agency, sources say that several officers do not follow the standard operating procedure, as a result of which agencies of China and Pakistan find it easy to hack into our networks.
In the latest incident the probe has found that a major from Andaman Nicobar could have either compromised the information or been careless, as a result of which this incident could have occurred.

China’s war from South continues

When it comes to hacking, India’s biggest concern is China. The recent statement by the ministry of Information and Technology before the Parliament is an indicator of the same. India has alleged that the Chinese telecom equipment maker Huawei has hacked into the Bharat Sanchar Nigam Ltd. network in Andhra Pradesh, and a probe into the same has been ordered.
This is yet another indicator of how interested the Chinese are in the affairs of India. Worse, it only goes on to strengthen the claim by the various agencies that China is looking to attack India through the South.

DRDO website compromised- A major hack

India’s vulnerability to cyber attacks was once again out in the open. Hackers from Algeria successfully managed to hack into the websites operated by the Defence Research and Development Organisation, the Prime Minister’s office and five other websites.
The message pasted on the websites after they had been compromised read, SanFour25, Alegerian Hackers minutes after the hacking.

The sad case of our cyber security

Three days have gone by and the website of the Central Bureau of Investigation is still down. When queried about the same, the answer was that work was still on and, more importantly, that the investigation was on in full swing.

It is an established fact that the hacking of the CBI website was the handiwork of the Pakistan Cyber Army. Looking back at this attack, many points come to light, and cyber security experts point out that the most disturbing fact on the cyber security front is that the government of India is yet to notify a large number of sensitive websites as protected systems.

The amendment to the Information Technology Act made a provision for the government to notify all sensitive sites under it as protected systems. Under this provision, a mere attempt to access a protected system would invite a jail term of up to ten years. This would not deter a Pakistani from hacking the website under the classification of a protected system, but within the country the systems would be much more secure.

Pavan Duggal, an expert on cyber security, tells rediff.com that most of the highly sensitive websites in India which are under the government of India are not notified as protected systems. The IT act says that any person trying to even access the site under this category will be imprisoned for ten years. The fact that the government has not done this despite the act being in place for nearly two years only speaks about the seriousness in fighting cyber crime.

The attack on the CBI site raised an important question: whether India has its own cyber army. India does have a set of ethical hackers who are meant to protect our systems. However, there are a lot of issues that surround this, and one ethical hacker who did not wish to be named pointed out the following problems that they face.

He says that they do not enjoy the patronage of the government. The much needed security that they ought to have has not been provided by the government. This is in total contrast of the Pakistan Cyber Army which enjoys the complete patronage of both the Government and the ISI.

In addition to this some of the ethical hackers in India who were supposed to work for the government have complained about too much police interference. Very recently there was an incident in which the police had issued a couple of directions to the ethical hackers. These persons say that they were upset with this kind of interference and they should not be told how to go about their job. This kind of kills our motivation and we feel that our own system is against us. Our job requires precision and a lot of dedication and at times we would suo motu indicate the problems faced by the Indian systems. However there was not much reaction to this and we have been clearly told that we need to work when we are asked to work.

Duggal points out that there are plenty of ethical hackers in India. However we do not have a cyber army in that sense of the word. It is high time that India thinks in that direction in order to act proactively to protect our sovereign interests.

Look at the case of the CBI website. It has been four days and it is still not up when it should have been done in three hours' time. The message we have sent out is loud and clear that we lack a proactive national cyber strategy on cyber crime. Moreover the Pakistanis have exploited our security loopholes and we are only showing how weak we are by undertaking the restoration process so late.

The Intelligence Bureau on the other hand has been constantly warning against such attacks. It has been more of a challenge this time, but there could well be a situation where our crucial data is accessed. A fully functional and dedicated cyber army is very much required and it should comprise IT professionals. It is more important that they constantly work towards securing our web sites than hack into systems of our neighbouring nations.

Meanwhile the Defence Research and Development Organisation (DRDO) says that it is developing a mechanism to make websites hack proof. The DRDO pointed out that cyber security is a major concern for national security and feels that they could develop hacking proof devices.

Cyber War-Where does India Stand?

The Hacked CBI Website

The website of the Central Bureau of Investigation, India’s premier investigation agency, was hacked by the Pakistan Cyber Army. The website carried a message from the PCA that this was being done to avenge the hacking of Pakistan government websites by the Indian Cyber Army.
The message on the CBI website also mocked the agency for its lack of security and questioned the manner in which the National Informatics Centre had put in place the security to safeguard government websites.
Immediate measures have been taken to rectify the problem since the website of the CBI is not only connected to all police stations in the country, but also directly linked to the Interpol. There is heavy damage control exercise which is on at the moment since there is crucial data on this website. The data contains records of wanted criminals and terrorists and this information is linked with the Interpol.
The attack comes close on the heels of a major warning by intelligence agencies that Indian government websites will come under severe attack by Pakistan-based hackers. The IB had warned that Pakistan would launch a major cyber war, that this could be a continuous process, and that immediate steps had to be taken to secure our servers and websites.
The Pakistan Cyber Army which is the most lethal of the three Pakistan based hacking groups claims to have come into force after their websites were hacked. They say that the Indians had hacked into Oil and Gas Regulatory website in Pakistan. In an immediate retort they hacked into the website of the Oil and Natural Gas Corporation.
India has been trying to put in place its own set of hackers. The core job of this group would not be to hack into websites of other countries, but to prevent hackers from other countries from entering our sites.
Currently India has a set of hackers who have capabilities, but the problem is that there is a need for a government clearance to get them to do the job legally. The advantage that a PCA has is that they enjoy the support of security agencies and hence they appear to be in a stronger position today. The IB says that it is not sufficient to rely on the government machinery, but experts from the private sector need to be brought in to secure Indian websites.
Experts point out that there is a need to put in place a dedicated cyber army to protect India’s websites. We have seen many attacks in the past and we should consider ourselves lucky that no serious damage has been done as yet. At the moment they only want to show that our system is weak and it is more of a game for them.