On July 7, 2010, tens of thousands of people watching television in India experienced a sudden interruption of broadcasts. Angry calls to service providers led nowhere, because the problem lay about 36,000 kilometres away in outer space, where an Indian satellite had suddenly lost half its data transmitting capacity.

The Indian Space Research Organisation blamed the disruption to the direct-to-home telecasts on a power glitch in Insat-4B’s solar panels. But many cyber security experts believe it was caused by a worm called Stuxnet, a deadly virus that allegedly crippled Iran’s top-secret uranium enrichment capabilities the same time last year.

In India, cyber experts are not willing to speak openly on Stuxnet’s role in disabling the satellite. But Jeffrey Carr, founder and CEO of Taia Global Inc., a company that provides physical and cyber security to company executives and politicians, claims he has found evidence on this. His findings will be presented in a paper at a conference in Abu Dhabi later this year, the authority on cyber security writes in a column.

But many fear this is just the tip of the iceberg. A report by Symantec, the US security software company, says that 2010 saw a 93 per cent increase in the number of attacks since 2009. Indeed, the list of Indian websites that have been attacked in recent times includes websites of the armed forces, Indian embassies, the Tibetan government-in-exile, the office of the Dalai Lama, Wipro Infotech, the Central Bureau of Investigation and the Bank of India. National Informatics Centre (government) servers and those of private companies such as DLF and Tata entities, to name a few, are also said to have been hacked.

Some call this cyber warfare, others describe it as cyber attacks. What’s clear though is that India’s security system in a range of outfits is vulnerable to hacking, which can lead to the leak of classified information — from the government’s secret files to an individual’s personal data such as PAN number and bank accounts.

“I do believe that right now, as we speak, we are seeing the next big steps in the next revolution which will likely be as large as the technological revolution that happened over the last 70 years since World War II,” says Mikko Hypponen, chief research officer for F-Secure, a leading software service provider based in Finland, and an authority on cyber security. “And we will be seeing a massive new cyber warfare revolution.”

To be sure, cyber warfare is described as a state of war between nations — which is not the situation in India. And India has been the victim of cyber attacks, not a perpetrator. “We are not into warfare at all,” says Gulshan Rai, director, Indian Computer Emergency Response Team (ICERT), part of the government’s department of information technology. “Warfare means when you launch a war against another country — like what happened in Estonia.”

In 2007, the Baltic country had the dubious honour of being the first victim of a massive cyber attack of any sort. Over three days, its government, Parliament and even news broadcasting sites were effectively shut down. Websites and servers were flooded with so much data — creating what’s called traffic jams — that people could not access them anymore. Hypponen describes it “cyber gang war”.

What makes cyber attacks murky is that responsibility cannot be clearly pinned on those behind the hacking. The threats aren’t just from foreign powers. An attacker can be anybody, from terrorists to plain hackers disrupting a system for the fun of it.

“We always say China and Pakistan are responsible [for cyber attacks],” says Abir Atarthy, a Kharagpur-based cyber security consultant who has tested network security for Google, the US National Aeronautics and Space Administration, and Microsoft. “But it’s almost impossible to prove this.”

For example, with a simple technique called IP switching, one can keep changing one’s apparent location. “I can be sitting in India and hacking into a secure Pakistani network. To the people tracking me, it won’t look like I’m in India. I will be in England, then five minutes later I will appear in Brazil, and minutes later, somewhere else.”

Despite the ominous signs, India doesn’t believe it has cause for concern. Rai says that on an average 5,000 Indian websites are hacked in a year. “Less than five per cent of these cases compromise government sites,” he says. “This is because these sites are largely hosted on the NIC servers. A rigorous security audit is done on sites hosted on NIC once a year, and NIC has strengthened its infrastructure over time.”

Still, the government view doesn’t quite tally with that of other experts on how secure India’s cyber set-ups are.

Rai rates India’s cyber security apparatus a seven on a scale of one to 10, with 10 being a perfect score. “But we do need to look into issues such as a strong awareness programme among the public, augmenting capacity development, research and development and mitigation of cyber attacks.”

On the other hand, Atarthy gives India a five or even less on the scale. “Our government sites are not very secure, and there are regular attacks on them. And if we talk about cyber warfare, one of its complications is that banks and telecom companies are also important targets for foreign hackers,” he says.

The statistics seem to agree with Rai’s assessment. According to a 2010 report by SecureWorks, the global information security service provider, India is the safest nation in terms of cyber attacks. The report found that there were 4,81,00,000 active computers in the country, but only 35,16,341 total attempted cyber attacks, or 52 incidents per 1,000 computers. These numbers are inclusive of all forms of cyber attacks, such as email phishing, and not just hacking attempts. Compare this with the US, where a total of 26,57,00,000 active computers faced 44,10,03,516 number of attempted cyber attacks — or 1,660 per 1,000 PCs.

And while over 35 lakh attacks might seem worrisome, Group Captain T.K. Singha, chief press officer, defence, eastern region, says, “We have a good sense of security. In secure areas, printers are centralised, and we can take a printout only after we follow certain procedures. We cannot send out mass mailers, and no one is allowed to bring in their own personal storage devices.”

Nevertheless, the government is looking at ways of strengthening its forts in the cyber world. “A crisis management system has been developed,” says Rai. But he also adds that “states and organisations need to put this in place”.

Sources close to the army say it has even been recruiting ethical hackers (hackers hired by governments and companies to test security systems) to build a cyber army to shore up defences and improve offensive potential.

The three wings of the armed forces have been working on their own separate networks. The air force inaugurated AFNet in September last year, integrating all aspects of its work under its own secure network.

The navy has also been busy with its cyber defences. “The navy is acutely aware of the need for cyber security, and we are taking appropriate measures to ensure security,” says Commander P.V.S. Satish, the navy’s press officer. It is building its own network, Newn (Navy Enterprise Wide Network), which will integrate all its departments.

The army’s version is called Ascon (Army Strategy Communications Network). Says the army’s press officer, Colonel S. Om Singh, “The army is getting a dedicated satellite for its own communications. And no mobile devices are allowed to be used during operations and in secure areas.”

That leaves the question of civilian targets. Hypponen points out that a big part of India’s infrastructure is in the private sector. “Banks are a very good example. They are at the heart of our critical infrastructure, and are also online.”

A more immediate concern is that no matter how secure you make your critical networks, they are only as strong as their weakest link. Regardless of whether the NIC servers are offline, they can be compromised, like in June when the hacker group Anonymous brought down an entire NIC server.

Cyber espionage may be a wonderful tool but it by no means has made traditional methods of espionage or warfare obsolete. Vivek Tarmar, a cyber security consultant and a core member of the National Cyber Security of India, a non-profit group set up by an enigmatic “Mr Om” dedicated to combating cyber crime and cyber terrorism, says that the most common first step to break into a secure network is “social engineering” — tapping someone for information.

“We have certified engineers being hired by undesirable elements, through coercion or otherwise,” says Tarmar. “These people know a system’s loopholes, and they sometimes discuss it with those they shouldn’t, or maybe even sell it as information.”

India’s cyber defence strategy seems to be solely reactive to new threats, partly because it’s hard to be proactive when there are too many unknowns. As Rai puts it, “Technology is a challenging area as new products come every day. We have to expand our system and meet these challenges because the attackers are more advanced than us.”

India is slowly moving towards an online culture. But along with that, there is a need to be aware of the problems that the culture brings with it.

SLASH AND HACK

Weapons of a cyber attack

Reconnaissance tools

Used to gather information about networks and systems to help plan attacks on that system or network.

Scanning tools

Used for in-depth data mining to get information on a target’s environment, its systems and other details.

Access and escalation tools

These allow you to escalate your level of security clearance once you penetrate a network.

Encryption tools

Effective in hiding data.

Stenography tools

These are used to create hidden messages through electronic data. For example, a video file with a lot of noise could actually be an encoded message.

Warfare or espionage?

Cyber warfare involves countries attacking each other and hasn’t really happened so far. The term cyber warfare is a catch-all term, and is currently limited to cyber espionage.