New Delhi’s claim that Pakistan websites triggered recent violence in Mumbai and provoked the exodus of the northeast community in Bengaluru may indeed be true. But India is left only pointing fingers and struggles to counter these attacks. Vicky Nanjappa finds out why
A group, which called itself the Pakistan Cyber Army, hacked the Central Bureau of Investigation website in December 2010. Further mocking India’s cyber security the same group of hackers raided the Bharat Sanchar Nigam Limited website a few months later.
Earlier this year, Pakistan-based hacker groups hacked 112 Indian websites in a span of three months leaving India red-faced.
The panic that spread after the Assam violence because of images uploaded from Pakistan that caused thousands of people from the northeast to flee Bengaluru is a matter of grave concern. However, little has been done to put the national cyber security policy in place.
Union Home Secretary R K Singh has accused websites in Pakistan of spreading false rumors and that investigators had found that most of the websites used images of people killed in cyclones and earthquakes and passed them off as Muslims killed in violence earlier this year to spread fear of revenge attacks.
This clearly is the biggest instance of cyber warfare on India in recent times and the threat continues not only from Pakistan but also from China.
While China looks to snoop into important defence information, Pakistan on the other hand defaces Indian websites and uses Indian networks to spread hatred via cyber space.
The greatest threat comes from the Pakistan Cyber Army and from a group called the Team_H4tr!ck, which have been largely responsible for hacking Indian websites.
Both these groups in the past have hacked the BSNL website and claimed to have gained access to users’ information, which included names, e-mail addresses, phone numbers and location details. Investigators had pointed out then that the database that they managed to collect could have been used for subversive activities.
Pakistan has engaged in a cyber war since 1998 and since then created many groups to hack into websites of developing nations especially India. There have been several attempts by Pakistani hackers to hack into the Bhabha Atomic Research Centre website.
Groups such as the armyinkashmir, Pakistan G Force, Pakistan Cyber Army, Pakistan Hackers Club have targeted nearly 500 websites while Indian hacker groups have made 40 such attempts.
Moreover, social media today is a favourite tool of terror groups to spread jihad. Recently, investigations into the Indian Mujahideen and its activities revealed that encrypted messages have been passed on through social media.
The IM during the Delhi blasts used networking sites to create fake accounts. Not only did they share information between each other but also managed to conduct a recruitment drive. During this investigation, it was also found that the IM had been using lesser-known websites to communicate.
According to experts, the National Cyber Security Policy is not fully in place. In addition to this, our servers are vulnerable.
Moreover, Pakistan-based hackers are completely funded by its intelligence and unlike their counterparts in India they are fully protected. There has been a lot of intelligence regarding Pakistan groups using the social media and other websites to create panic.
It was in this context that the Rs 800-crore National Cyber Coordination Committee was mooted. The NCCC will monitor content on social media and pass on information to intelligence agencies.
Experts however feel that these are organisations are controlled by the government and this would lead to red-tapism. Although India does have a cyber army, many feel that they need more patronage from the government.
What India needs is a dedicated cyber army, which will counter these attacks.
Cyber security experts point out social networking sites need to be monitored 24X7. India’s approach has been more reactive than pro active and more often than not we have been acting only once the crime is committed.
Statistics show that India has not taken cyber threats very seriously. In 2007, there were 217 such attacks and in 2010 and 2011 the attacks went up to 966 and 1,000 respectively.
Experts also add that the recent cyber attacks are easier to track. However, with worms like Flame and Stuxnet doing the rounds the challenge only gets bigger.
India has blamed Pakistan for spreading panic after the Assam violence, but they need to back their claim by arresting the culprits.
India is yet to amend laws pertaining to cyber security. Since 2010, 805 people have been arrested for cyber crimes but the conviction rate is only one per cent. The lack of a stringent laws and proper investigation has only led hackers to believe that they can easily get away with such crimes.
India has plenty to offer on paper. The proposed National Cyber Security Policy is aimed at designating agencies to block intrusions into our cyber space. According to this plan, the web would be constantly monitored.
A technical-professional body certifying the security of a network and defending critical infrastructure was to be created. But this plan is yet to take off and it awaits appointment of a coordinator.
Many ethical hackers feel that giving them patronage and also a free hand to monitor the situation would go a long way in helping cyber security. But at the same time they have their reservations, as the government approach towards them has not been positive.