India and Pakistan, not the friendliest of neighbours, have fought three major wars and are now engaged in another in cyberspace. As per latest reports, hackers from across the border are working overtime to launch cyber attacks on Indian websites in their cross hair.

Though the Indian side is known for its prowess in IT and related fields, it is becoming apparent that a dearth of firepower has left the Indian cyberspace particularly vulnerable to Pakistani attacks.

Reports indicate that around 40-50 sites are being hacked by Pakistani hackers on a daily basis whereas around 10 Pakistani sites are being hit by their Indian counterparts. According to analysts, one of the reasons India has been forced on the backfoot in this cyberwar is the reactive attitude it has chosen to adopt instead of being a proactive player.

There are other factors as well and studies suggest how the laidback attitude of both corporate sector and the government on cyber security has impeded a positive approach.

Cyber security expert Ankit Fadia was quoted inthe media as saying that the need to counter such attacks usually sets in after an attack happens. He adds that though ethical hacking is the answer to such attacks and does come at a cost, it is not prohibitively expensive.

Ethical hackers are also known by such names as white hackers, white knights or sneakers. They are computer security experts who specialise in penetration testing and related testing methodologies to check vulnerability of a company’s information systems.

According to Nasscom surveys there exists an unprecedented demand for qualified and experienced information security professionals in the wake of increased information security threats, but Fadia says the supply of ethical hackers in the country falls much short of the demand for qualified information security professionals.

According to Fadia, social networking sites have become hackers’ favourite hunting grounds these days marking a change in strategy from the e-mail route of passing a virus.

Fadia says ethical hacking communities have been operating in the country, however India does not have a strong and serious community of ethical hackers.

He says after passing out of engineering colleges classmates do form ethical hacking communities but these turn out to be short lived affairs not going beyond the level of a collective hobby.

According to industry sources, the shortfall could be made up by starting structured courses, though the first generation of ethical hackers was largely self-taught. Fadia says it may be time for colleges to introduce formal courses in ethical hacking.

The threat from cyber attacks, which can be politically or criminally motivated, is apparently relentless.

“Every quarter of a second, there is an attack somewhere on the Internet,” said Mr Ilias Chantzos, director of government relations at Symantec Corporation, maker of Norton security products.

Cyber attacks can present problems for general Internet users.

“Roughly, you’re looking at an attack rate of one (out of) every five persons… connected on the Internet right now,” claimed Mr Chantzos, who added that this did not mean that the computer attacked would necessarily be compromised, as that would depend on whether it had adequate protective safeguards.

The ascendency of broadband, following the dark ages of slow, dial-up connections to the Internet, ironically increases cyber security risks.

“It’s not that the broadband is vulnerable… we leave the computer always on, the computer is always connected, therefore by definition, it’s more susceptible to attacks,” said Mr Chantzos.

Cyber attacks can take place via “botnets”, which are networks of “zombie” or “Web robot” computers infected with a virus that lets criminals remotely control these innocent machines.

These “bots” could number in the tens of thousands, or, Mr Chantzos said, even “1 million” or more.

If your PC has been corralled into a botnet, you could experience significant slowdown but there aren’t always obvious signs that your computer has been infected.

According to Mr Tan Wei Ming, Symantec’s senior manager for government relations, possible signs of infection include your computer “(sending) out spam, sometimes it could receive some strange emails, and your friend calls you and says, ‘did you send that out?’ You say no”.

Dr Godfrey Gaston, director of Queen’s University Belfast’s Centre for Secure Information Technologies, said that home computers would be more vulnerable than corporate computers to being used as part of a botnet as the latter tend to be better protected.

Zombie computers are often programmed to launch denial-of-service attacks, blitzing targets with data, sometimes forcing them to shut down.

Such botnet attacks, targeted at American and South Korean government and commercial websites, were seen in July. Official Estonian and Georgian websites have also been targets in 2007 and 2008, respectively.

More sophisticated forms of hacking include attempts to infiltrate website defences to steal confidential data. In April, a former US government official said that spies had hacked into the US electric grid and left behind computer programmes that would let them disrupt service.

One of the problems in identifying perpetrators is that locations can be masked.

“It’s really easy to disguise a cyber attack as coming from another place,” said Ms Jena Baker McNeill, an analyst at the Washington-based Heritage Foundation.

A cyber attack targeted at a computer in the US, for example, could be launched by a hacker in Japan, who remotely controls a compromised computer in France.

Cyber attacks are therefore complicated by “the problem of attribution”, said Mr Tony Skinner, the features editor of trade journal Jane’s Defence Weekly.

Said Mr Chantzos: “What you need to do is… find the PC that was attacked, forensically analyse it, identify the origin of the attack, go to the Internet Service Provider (ISP), then determine from the ISP where the attack is coming from, then follow the chain. This is a job that the police are equipped to do.”

Cyber attacks that make the news – and many such attacks go unreported – are often played out along nationalistic lines.

Regarding the massive cyber assault on Estonia in 2007, Dr John Harrison, a terrorism expert at Nanyang Technological University’s S Rajaratnam School of International Studies, said: “It wasn’t entirely clear if the Russian government was directly behind it, but it was certainly people who were sympathetic to the views that the Russian government held.”

Arguably, cyber attacks can be read in some cases as a proxy conflict, even where the protagonists are not unequivocally identified, as in the case of the Georgian-Russian war last year, which was immediately preceded by a wave of cyber attacks.

Another conflict arena for cyber attacks, Dr Harrison said, was “the Israeli-Palestinian conflict, where both Hamas… and the Israeli government are attacking each other’s… websites”.

The researchers of GhostNet, which was accused of spying on the Dalai Lama, said the computers used were based almost exclusively in China, though the Chinese denied the allegations of spying.

Last month, the US’ intelligence director Dennis Blair grouped China, Iran, North Korea and Russia as nations with the ability to “challenge US interests in traditional and emerging ways”.

His report, the National Intelligence Strategy, noted that China “is very aggressive in the cyber world”.

Dr Harrison noted that these four countries have also been accused of “attempting to develop offensive cyber capabilities particularly targeting the US and Western militaries”.

While nations like America are taking steps to combat cyber threats (in the case of the US, with its US Cyber Command agency), there is a recognition by some that offensive cyber capabilities are the flip side to such defensive efforts.

Jane’s Mr Skinner said that “people outside of the (US) cyber command have pointed out that a cyber attack capability is effectively part of cyber defence … part of the whole deterrence aspect of it”.

When asked if this was similar to the concept of nuclear deterrence, he agreed.

In this respect, the generals perhaps need to learn from the bankers. Said Mr Skinner, “the militaries are in a lot of ways catching up” with banking institutions, the traditional targets of cyber attacks and criminal hackers.

- TODAY/yb

In all the hype and hoopla surrounding China’s incursions across the Line of Actual Control (LAC) into Ladakh, Sikkim and Arunachal Pradesh, a more sinister plan to attack cyber networks has gone almost completely unnoticed in India. In front page news reports published abroad recently, Chinese cyber spies were reported to have hacked into computers and stolen documents from hundreds of government and private offices around the world, including those of the Indian embassy in the US. Earlier it had been reported that the Chinese army uses more than 10,000 cyber warriors with degrees in IT to maintain an e-vigil on China’s borders. “Chinese soldiers now swipe cards and work on laptops as they monitor the border with great efficiency… electronic sentinels functioning 24 hours a day.” On June 23, 2009, Robert Gates, the US Secretary of Defence, authorised the creation of a new military command that will develop offensive cyber-weapons and defend command and control networks of the US armed forces against computer attacks.

While information about the People’s Liberation Army’s (PLA) cyber warriors has begun to appear in the public domain only recently, PLA watchers globally have known for long about China’s well conceived doctrine on information operations and cyberwar. China’s cyberwar doctrine is designed to level the playing field in a future war with better equipped Western armed forces that rely on Revolution in Military Affairs (RMA) technologies and enjoy immense superiority in terms of weapons platforms and intelligence, surveillance and reconnaissance (ISR) and command and control networks.

In the first decade of the new century, China’s Central Military Commission (CMC) had called for a detailed study of the concept of “people’s war under conditions of informationisation”, implying increasing attention to the application of IT to the conduct of conventional conflict. Since then the scope of the cyber war doctrine has been expanded to develop the capabilities necessary to take control of all the major networks that drive the world’s economic engines. .

Analysts of the PLA have called the ongoing RMA an informationised military revolution with Chinese characteristics. Informationisation relates to the PLA’s ability to adopt information technologies to command, intelligence, training and weapon systems. The PLA is seeking to contest the information battle space with its space-based, airborne, naval and ground-based surveillance and intelligence gathering systems and its new anti-satellite, anti-radar, electronic warfare and information warfare systems. According to China’s White Paper on National Defence, “In its modernisation drive, the PLA takes informationalisation as its orientation and strategic focus.”

Chinese find information warfare (IW) extremely attractive as they view it as an asymmetric tool that will enable them to overcome their relative backwardness in military hardware. The Chinese are devoting considerable time and energy to perfecting the techniques of IW to target the Western armed forces that are becoming increasingly more dependent on the software that runs computer networks and modern communications. In Chinese thinking, IW presents a level playing field for projecting power and prevailing upon the adversary in future wars.

IW includes intelligence operations; command and control operations to disrupt enemy information flow; electronic warfare by seizing the electromagnetic initiative through electronic attack, protection and warfare support; targeting enemy computer systems and networks to damage and destroy critical machines and networks and the data stored on them; and, the physical destruction of enemy information infrastructure through the application of kinetic firepower. The Chinese call their pursuit of information warfare and other hi-tech means to counter the overwhelmingly superior conventional military capabilities of the Western Alliance “acupuncture warfare”.

In another five to 10 years China will develop much greater depth and sophistication in its understanding and handling of IW techniques and information operations. With Indian society becoming dependent on automated data processing and vast computer networks, India will also become extremely vulnerable to such IW techniques. The fact that it can be practiced from virtually any place on the earth even during peacetime makes acupuncture or paralysis warfare even more diabolical. India can ill-afford to ignore this new challenge to its security.

India should adopt an inter-ministerial, inter-departmental, inter-Services, multi-agency approach to dealing with emerging cyber warfare threats and must develop appropriate responses. No single agency in India is charged with ensuring cyber and IT security. A nodal agency must be created to spearhead India’s cyberwar efforts under a national cyber security advisor who should report directly to the NSA. The armed forces must be part of the overall national effort from the beginning so that emerging tactics, techniques and procedures can be incorporated into doctrine and training. India too needs a Cyber Command to lead efforts within the military to safeguard computer networks from hackers and cyber attacks.

The strategy must be defensive to guard India’s vulnerable assets, such as military command and control networks and civilian infrastructure dependent on the use of cyber space, as well as offensive to disrupt the adversary’s C4I2SR systems and develop leverages that can be exploited at the appropriate time. With some of the finest software brains in the world available to India, it should not prove to be an insurmountable challenge.

This is too important a field to allow the traditional Indian approach – digging heads into the sand while waiting for the threat to go away – to hold sway and react only when the enemy has reached Panipat and is knocking on the gates of Delhi. In this case, the nothingness of cyberspace connects China’s laptops warriors directly with Delhi, Mumbai, Kolkata, Chennai, Bangalore and Hyderabad and other Indian cities, as also India’s strategic establishments.

The writer is director, Centre for Land Warfare Studies, New Delhi

Armies (even guerrilla armies) are so dependent on digital communications these days that a well-placed network hit could hobble their forces. Do these cyberattacks right—and openly—and the belligerents will think twice before starting trouble. Arquilla calls his plan “a nonlethal way to deter lethal conflict.”

Sure, it’s risky. A misinterpreted or misattributed attack could inflame tensions. Or you might fritz the good guys and civilians by mistake. But Arquilla says this “kinder, gentler deterrence” is better than threatening to strangle an adversary’s economy or reduce its cities to radioactive cinders. Here are three scenarios in which preemptive cyberattacks could prevent bloodshed.

Scenario: Defusing South Asia
Situation: Pakistan and India are massing armies on their shared border.
Solution: Take out the command-and-control networks on both sides before these nuclear-armed foes can go to war for a fifth time. In the 1951 film The Day the Earth Stood Still, Arquilla notes, a benevolent alien shuts down the machines of Earth’s superpowers before they can spread nukes to other planets. Here, US- led hackers play the ET role to put the conflict on ice.

Scenario: Disconnecting al Qaeda
Situation: Intelligence sources report that al Qaeda is about to launch another 9/11.
Solution: Track down militants online and let them know we’re watching. Spy agencies already eavesdrop on al Qaeda’s networks and occasionally take down its Web sites. But to really disrupt increasingly Web-dependent terror groups, you have to convince them they’re not safe anywhere on the Net. Set up online honeypots—like a fake jihadist discussion forum—to lure in and bust wannabe Osamas. And even if you break up terror cells by other means, give public credit to your online spadework. A little fudging is acceptable if it keeps killers from clicking for the cause.

Scenario: Restraining Russia
Situation: Russia is mobilizing its troops for another showdown with Georgia.
Solution: Deploy a US-led or NATO-sponsored cyberdeterrent squad to disrupt the Russian military’s communication networks, forcing the Kremlin to delay an attack on the former Soviet republic. The intervention would buy time for diplomacy to work. Arquilla says, “I like the idea of cyberdeterrence being used against anyone who would start a war”—even, he muses, the US.

By Noah Shachtman :When WIRED’s editors sent me out in search of “dangerous ideas” in the defense community, one of the first e-mails I wrote was to John Arquilla. The Naval Postgraduate School professor (and longtime WIRED contributor) was pushing for the U.S. shore up its cyber defenses before most folks in the Pentagon had gone web-surfing. Before Al Qaeda was founded, he was focused on fighting terror networks. And once 9/11 went down, he advocated using Orwellian data-mining techniques to find the jihadists — and dismantling America’s Cold War-style arsenal to get better equipped for irregular war.

Arquilla isn’t always right; he predicted Liddy Dole would be president during “The Great Cyberwar of 2002.” But his analysis never fails to be thought-provoking, and ahead of the proverbial curve. I was pretty sure Arquilla could be one of the “big thinkers with controversial, game-changing propositions” that the bosses were looking for.

He didn’t disappoint. A few hours after I sent my e-mail, Arquilla shot back a response:

We could launch preemptive cyber attacks to help head off regional wars by striking at command, control and infrastructure during a crisis. The goal being to achieve a kind of “Day the Earth Stood Still” deterrent effect. A dangerous idea because there is some risk that one party might blame the other disputant for such a strike and go to war anyway. But I discuss ways to mitigate the risk. Anyway, a cool mode of cyber operation to head off hot wars.

At first, Arquilla and his idea were considered too outlandish even for a package on dangerous notions. But my editors eventually came around. Arquilla fleshed out his idea a little more — basically arguing that a worldwide group of hackers should unleash network offensives, to keep blood-and-guts wars from going down. You can see the results in the current issue of the magazine.

Alas, the most dangerous implication of Arquilla’s concept — to an American audience, anyway — didn’t make it into the dead-tree edition of the magazine. In print, Arquilla’s idea is applied to three scenarios: defusing South Asia, disconnecting Al Qaeda, and restraining Russia. In a fourth and final scenario, U.S. armed forces are readying an invasion force. Arquilla’s response: Hack America before it happens.

No military is more networked – and therefore more vulnerable to an online first strike – than America’s. For Arquilla, that’s not a problem. He asks: “Wouldn’t it have been nice to have some cyber deterrence in March 2003, before the invasion of Iraq?”

23 September 2009 – The importance of bolstering international cooperation to combat the rising tide of cyber-crime across Asia and the Pacific was underlined by participants of a regional United Nations information and communications technology (ICT) gathering that kicked off in India today.Bringing together 120 participants from 19 countries throughout the Asia-Pacific region, the UN International Telecommunications Union (ITU) forum in Hyderabad aims to reinforce collaboration and development of a harmonized approach to protecting people against the growth of criminal activity on the Internet.

Sami Al Basheer Al Morshid, an ITU Director, noted the progress already made in global collaboration through the signing of an agreement between the agency and the International Multilateral Partnership Against Cyber Threats (IMPACT) last year.

The agreement with IMPACT makes state-of-the-art cyber-security measures and early warning systems available to 30 ITU member States.

“These services allow countries to prepare themselves against cyber threats, while at the same time ensuring coordination and cooperation at the national and international levels,” said Mr. Al Basheer.

All this is nothing new. Two years ago, Pakistan spent $3 million to establish a Center For Cyber Crime. This was the result of several trends. First, the national economy is increasingly dependent on Internet access. Without some kind of national level Internet security, the country becomes a more attractive target for the growing number of hacker organizations. Second, Islamic terrorists have been making heavy use of the Internet for communications. American intelligence agencies, working in Pakistan with local police, have demonstrated the wide array of unclassified techniques and equipment available to monitor terrorist use, protect the Internet, and hunt down criminals using it. The government does not want to be as dependent on the Americans for these services, and the Americans are unwilling to share their most valuable Internet technology.

While the American help was welcome, Pakistan has a large, and growing, software development industry. In fact, the first known computer virus, the “Brain Virus” was written by Pakistani programmers in 1986. “Brain” was created to help protect software a Pakistani firm was selling, from software pirates. But, instead, the Brain virus got out of control, and the rest is history. Pakistan has a lot of home grown talent for their computer crime center.

Finally, there is the ongoing “war” between Indian and Pakistani hackers. Most of this has been little more than vandalism (defacing web pages and the like), but there have been some more serious hacks. So the government wanted to be ready on the Cyber War front. The Cyber War battles between Pakistani and Indian civilian hackers, and professionals working for government agencies, has upped the ante. India, in particular, has one of the largest Internet software and service industries on the planet. Thus India has much to defend, and the potential to become a Cyber War superpower. The Cyber War battles in South Asia are becoming more frequent, and more intense.