China's Cyber War On India

China's cyber warfare against India to possess electronic dominance is becoming a serious threat to national security

Adv. Prashant Mali January 16, 2012 15:46:43 IST
China's Cyber War On India

China is waging a cyber war. After land, sea, air and space, CHINDIA War is a reality. This is quiet, invisible but massive attack against India, aimed at stealing its most sensitive military and economic secrets and obtaining the ability to sabotage vital infrastructure. This is, by now, well known to our central law and enforcement agencies, but relatively little is being done about it, considering the enormous stakes involved.

About 12 different Chinese groups largely directed by the government there, do the bulk of the China-based cyber attacks stealing critical data from companies and government agencies. State sponsored hackers or backed by the People’s Liberation Army are trying daily to penetrate our computer systems which include government agencies and companies, nuclear installations, IT firms, and utilities such as power and water companies, not to mention the private e-mail accounts of thousands of Indians.

In recent years, hacks have been reported of the Indian Embassy, intelligence agencies, and the e-mail accounts of senior government officials were targeted. Julian Assange of wiki leaks has quoted that, “Telephone connections and e-mails from India that go through the Pacific (Ocean) can be intercepted and are being intercepted by China and the West. The information acquired from their intercepts is used as economic intelligence.”

China´s cyber warfare against India to possess electronic dominance is becoming a serious threat to national security. China has around 30,000 ‘cyber soldiers’ and has another 1,50,000 civilian or mercenary hackers. China attacks and then denies responsibility but the country has almost complete control over its Internet, which leads to easy assumption that these attacks are government sanctioned. China denies this upfront which makes it difficult for diplomats to pressure for any kind of cease-fire.

The malicious software or high-tech tools used by the Chinese haven't gotten much more sophisticated in recent years. But the threat is persistent, often burying malware deep in computer networks so it can be used again and again over the course of several months or even years. The tools include malware that can record keystrokes, steal and decrypt passwords, and copy and compress data so it can be transferred back to the attacker's computer. The malware can then delete itself or disappear until needed again.

In February, US cyber firm McAfee, a company that markets anti-virus products, said that Chinese hackers had infiltrated the networks of oil companies around the world, stealing financial documents and other sensitive information.

India’s Paranoid Government Officials

Many government agencies, senior officials and even cops from cyber departments use Gmail, Yahoo and rediffmail accounts to transact official business, moving highly confidential and secret data beyond any security controls that may have been in place.

Suppose I send any email stating “Government’s New Pay Policy of 2011” with a malicious link or attachment having a Trojan, almost 80 percent of people will open it and I would have a control on majority of government systems.

This is not a sophisticated or high-tech attack though. Such attacks were made in August 2011 and systems in Ministry of External Affairs, even offline machines, which should be the safest, were compromised and their data sent to the adversary.

NTRO, the National Technical Research Organisation, that only reports to the Prime Minister’s Office has large mandate to infuse cyber weapon technology. A much-needed draft cyber security policy enforceable by law that could mandate statutory re-organisation was lost in a sea of bureaucracy and not implemented. NTRO remains with lot of technology but with no powers to implement.

CERT-IN, the Indian Computer Emergency Response Team and now a statuary body, is a central agency for responding to computer security incidents. It is reportedly a small, underpaid organisation dependent upon contract employees rather than permanent staff. It has come out with a Government Crisis Management Plan to be the master plan of India.

Apart from this, the Army-CERT, Navy-CERT, Airforce-CERT, the National Informatics Centre, CBI cyber team, local cyber cells, all contribute to the India’s cyber security initiatives. Bureaucratic problem of guarding their own secrets within government agencies can create rift amongst these separately functioning agencies.

Steps To Be Taken

More and more countries are setting up their own cyber warfare divisions and experts predict that cyberspace is likely to be a key battleground for states in the 21st century - the United States, Germany and Britain have set-up cyber warfare facilities.

In October, the National Security Agency, a secretive arm of the US military, began providing Wall Street banks with intelligence on foreign hackers, a sign of growing US fears of financial sabotage.

Global spending on cyber warfare will reach US$15.9 billion next year, up from an estimated US$12.5 billion this year as governments respond to a range of cyber threats. Visiongain’s Cyberwarfare Market 2012-2022 report says that governments around the world will continue to invest in a range of cyber warfare systems and solutions designed to offer protection against a wide range of cyber threats including protecting information and infrastructure from hostile states, as well as non-state actors both at home and abroad.

Events from last year, such as the discovery of the Stuxnet virus which disrupted centrifuges Iran uses to enrich uranium, have left little doubt as to the potential implications of nations failing to develop adequate cyber warfare capabilities. Cyber warfare is no longer seen as separate from conventional defence but as a fourth area of operations alongside air, land and sea.

As cyberspace revolutionises the way nations see their defence, a whole new market for defence sales is rapidly growing. As many nations seek to reduce overall defence expenditures, understanding this complex and vibrant new cyber warfare market will be vital for companies seeking to grow in the defence sector.

Earlier this year China’s military established a 30-person strong Internet security task force to protect China from cyber attacks. The establishment of the cyber warfare unit has caused concern in many Western countries, such as the United States, Australia and Germany, which accuse China of being behind high profile hacking events.

Indian Government should more directly confront the problem. It should demand that Beijing shut down the state-backed hackers. If it does not do so, all electronic goods imported should be slowly weeded off. A diplomatic discussion not only on actual physical borders but on cyber borders should also be taken.

Cyber Command of India should be established with complete staff at all ranks to be technical. “Bharat Firewall” – a firewall policy and actual firewall should be developed for controlling and monitoring all illegal Internet traffic in and out of India. Government should start allocating money in the annual budget towards research in the field of cyber security, cyber weapons and cyber law.

Chinese incursions on Indian Cyber Territory should be discussed in Flag meetings, secretary-level meetings and ministerial-level meetings. Such incursions should be strongly condemned even at ASEAN, SAARC and UN meets. Electronic evidences should be collected and preserved to support such move.

Not only cyber boundaries in cyber space but cyber infrastructure including the Fibre Optics back bone of India and complete telecommunication infrastructure with other internet carriers should be protected.

Telecommunication networks and Internet carriers of certain departments or organisations such as Power Grid Corporation of India, Water supply departments, Dams, Airports, PMO office, Defence Ministry, etc. should be quarantined.

The author is President, Cyber Law Consulting.

Updated Date:

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.

also read

India’s S-400 deal with Russia may trigger US sanctions, says congressional report
India

India’s S-400 deal with Russia may trigger US sanctions, says congressional report

In October 2018, India had signed a $5 billion deal with Russia to buy five units of the S-400 air defence missile systems

Donald Trump issues two-week emergency declaration in Washington DC ahead of Joe Biden's inauguration
World

Donald Trump issues two-week emergency declaration in Washington DC ahead of Joe Biden's inauguration

The order, which will remain in effect till 24 January, comes after the FBI warned of armed protests at all 50 US state Capitols in the lead up to Joe Biden's inauguration