Stuxnet attack exposes chinks in India's critical infrastructure

By -

The world first heard about a computer worm called Stuxnet in the summer of 2010. Early reports were sketchy but what was certain is that Stuxnet had destroyed 2,000 centrifuges at an Iranian facility in Natanz, grinding the country's nuclear program to a halt. "It was the cyber equivalent of a cruise missile," says Shantanu Ghosh, vice-president for product operations at anti-virus firm Symantec's India branch. The company was the first to decode Stuxnet.

Just days after the news went public, a team of cybersecurity experts at the National Technical Research Organisation (NTRO), India's technical intelligence agency, began drafting a report. Their findings would send shockwaves through the security establishment. Since then, Indian authorities have been scrambling to plug gaps in the country's cyber-security. Many remain.

It is now known that Stuxnet was jointly programmed by US and Israeli intelligence as part of a project called Olympic Games. It spread from computer to computer, hunting down the exact one that controlled Natanz's centrifuges. But a flaw in Stuxnet's code caused it to spread further than planned, infecting more than one lakh other machines worldwide. In mid-July 2010, NTRO obtained a list of infected Indian computers from Symantec. Two days later, a preliminary analysis was ready.

A government official, privy to NTRO's analysis and speaking on condition of anonymity, told India Today that of the 10,000 infected Indian computers at the time, 15 were located at what are called 'critical infrastructure' facilities. These included the Gujarat and Haryana electricity boards and an ONGC offshore oil rig. While the flaw caused Stuxnet to reach these computers, thankfully, it did not activate itself on them. In other words, India was only a few flawed lines of code away from having its power and oil sectors crippled.

Stuxnet woke the government up to India's vulnerability to cyber attacks. "The entire economies of some countries have been paralysed by viruses from across the border. We have to make ourselves more resilient," Sachin Pilot, Minister of State for Communications and Information Technology, told India Today, "Power, telecom, defence; these areas are on top of our agenda."

These actions may already be too late to protect some sensitive areas. Indian government networks have fallen victim to countless, sophisticated hacks over the years. "We once sat down to check the Delhi [Internet] backbone. We found thousands of systems compromised. All were government's systems," says a cybersecurity professional working with one of India's intelligence agencies. "Research and Analysis Wing, Intelligence Bureau, Military Intelligence... we don't realise how much damage has already happened."

Such attacks have larger implications than just the immediate loss of secrets. A senior cybersecurity expert, currently with the Ministry of Home Affairs, says they hit at what he calls 'speed of trust'. "They make us distrust our own systems. We are no longer sure if the information we are getting is legitimate," he says. "We are forced to install more security and to check everything. This slows down the speed at which we operate."

Worse, cyber attacks that destroy critical infrastructure are getting easier to carry out. In March, Digital Bond, an American computer security firm, showed how a Stuxnet-like attack can be carried out using hacking tools downloaded from the Internet. Some of the vulnerabilities they found are present in hundreds of Indian factories and facilities. Chinese or Pakistani hackers, constantly hunting for Indian targets, could easily use these findings to launch their own Stuxnet-like operation against India.

"When everything, including power grids, e-commerce, e-governance and banking, runs on foreign-made equipment, you're talking about a horror story," says the cybersecurity expert working with Indian intelligence. He refers to equipment from China's telecom giant Huawei. Its president Ren Zhengfei was once a senior scientist with the Chinese army. Allegedly, he still maintains those ties. Huawei calls the allegations "ill-founded" and "ungrounded". That hasn't stopped countries like the US and Australia from banning Huawei equipment in critical infrastructure. In 2010, India's home ministry also warned telecom companies against using Chinese equipment. That year alone, Huawei's India revenues totaled $880 million (Rs.4,400 crore). "Cyber attacks have become an increased threat in proportion to local dependence on technology infrastructure," says R. Srikanth, cyber strategies researcher at the strategic affairs think-tank Takshashila Institution. At last count, India had 950 million mobile subscribers. The math is frightening.

Realistically, India's critical infrastructure cannot be secured overnight. "Telecom, power, ports and airports are increasingly going in private hands," says Kamlesh Bajaj, the first head of the Government's Computer Emergency Response Team (CERT-In). Bajaj, currently CEO of the Data Security Council of India, advocates sector-specific CERTs for industries like power, telecom, banking, railways and energy. Cherian Samuel, an associate fellow at the Institute for Defence Studies and Analyses, says these sector CERTs should ideally report to a central agency, jointly-staffed by the private and government sectors and the military.

It appears such an agency has taken shape. Following the alarming reports, the Prime Minister designated NTRO as the agency responsible for protecting critical infrastructure. This January, it formed the National Critical Infrastructure Protection Centre with a senior IPS officer who has a background in computer engineering, as its head. His team includes a number of private-sector experts who were absorbed as officers on special duty. Quality clearly isn't a problem, numbers are. In an interview in 2011 to the UK's Channel 4, British intelligence analyst Glenmore Trenear-Harvey estimated China had "literally thousands of hackers". To bridge this gap, the Communications and Information Technology Ministry set up the National Security Database last year. This is a network of private-sector cybersecurity experts whom the Government verifies, gives security clearances and can approach for help.

This March, Sachin Pilot also announced plans for a secure pan-India network for government organisations and agencies. More recently India gave teeth to its cybersecurity plans by instructing the Defence Intelligence Agency and NTRO to conduct offensive cyber operations against India's enemies. The ideas are progressing, but are not foolproof. Pilot's secure network, for example, may be inaccessible from the outside, but it is vulnerable to moles working within.
India's critical infrastructure will always remain vulnerable to cyber attacks, as is the case with all countries. At best, the Government can only play catch-up with the bad guys. "This is an area where technology evolves every two weeks," Sachin Pilot told India Today. "We need to constantly review and assess the threats and our capabilities."
Source http://indiatoday.intoday.in/story/stuxnet-cyber-war-critical-infrastructure-of-india-ntro/1/216107.html

Comments

Post a Comment

Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

By Explorer -
Image
Massive public protests taking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive Offenders Ordinance , that would see accused criminals extradited to mainland China to face prosecution. Hongkongers feel the law could be used to legalise the kidnapping of people who express views, and act in ways, that are not popular with the Chinese government . The same law could also be used to extradite tourists and visitors to China who are arrested on suspicion of having committed these crimes. Protesters want the bill scrapped. For now, debate of the legislation has been postponed . Organisers say one million people turned out for the protests, while police estimate the number was around 240,000. Either way, it was a significant number of Hong Kong’s 7.5 million population. Commentators on Twitter remarked on how well organised the protesters were. So, how did they do it? Protesters across the world are using n
Read more

Former FARC guerrilla, Colombian cop pose naked together to promote peace deal

By -
Image
There are very few There are very few countries in the world where the advancement of peace talks to end a decades old civil conflict leads two gorgeous women to strip naked and canoodle for a sexy magazine shoot. Israel and Palestine? Don't think so. North and South Korea? Wouldn't bet on it. Ukraine? Possibly, but not likely. Colombia, however... absolutely! With major breakthroughs occurring in the long-running peace talks between the Colombian government and the Marxist Revolutionary Armed Forces of Colombia (FARC) guerrilla group, a former member of Colombia's version of the FBI and a former guerrilla decided to give peace – and nude modelling – a chance. That's how Isabel Londono, a former member of Colombia's now defunct national intelligence agency DAS, ending up wearing a skimpy black bra and panties as a nude Ana Pacheco, an ex-FARC guerrilla, nestles up next to her for the cover shot of Soho, a Colombian men's magazine. "We have never gotten into
Read more

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

By Explorer -
 According to a video of interrogation of "Hamas terrorists" released by Israel Security Agency Shin Bet, accessed exclusively by News18, "The Shifa hospital has been made with many considerations as Hamas knew that medical places won’t be attacked by the enemy. Equipment, explosives and other material has been kept there." Hamas is using hospitals in Gaza as covers and have turned them into ammunition depots, according to a video of interrogation of “Hamas terrorists" released by  Israel Security Agency  Shin Bet, accessed exclusively by News18. ALSO READ | Israel-Hamas War LIVE Updates  HERE The Israeli military has claimed that those featuring in the video released on Saturday are Hamas terrorists, who participated in the  October 7 attack  on Israel. “Most of the tunnels are hidden in hospitals. There are multiple underground levels. Al-Shifa Hospital is not small, it is a big place that can be used to hide things," a man is seen saying. “The Al-Shifa
Read more