This is Kargil on the Net. In what seems to be a serious intelligence lapse, hackers on the payroll of Pakistan's intelligence agency, ISI, have successfully gained access to sensitive information from at least two nuclear laboratories in India. So serious has been the intrusion through the Net that the defence and home ministries and intelligence agencies have sought the help of Mumbai- and Bangalore-based cyber security firms. Besides, the government also discussed the issue with a Microsoft delegation that was in Delhi to launch its Strategic Technology Protection Programme that helps customers address network security issues.
Says Howard A. Schmidt, chief security officer of Microsoft, who had a series of meetings with officials last fortnight: "India, along with a number of Asian nations, needs to have a better understanding of cyber security, especially for educational, nuclear and atomic institutions because of their sensitive nature."
Senior home ministry officials admitted that hackers have repeatedly defaced the sites of the Trombay-based Bhabha Atomic Research Centre (BARC) and the Kalpakkam-based Indira Gandhi Centre for Atomic Research (IGCAR). "IGCAR's been hacked as many as seven times this year," sources told Outlook. "This means the ISI has accessed information about highly sensitive data relating to India's nuclear test management."
The officials said the government was furnished data this February on the presence of a spy program in the mail server of the Delhi-based Nuclear Science Centre. In addition, the websites of two Calcutta-based institutes—the Variable Energy Cyclotron Centre and Saha Institute of Nuclear Physics—were also defaced this year by Pakistani hackers.
It is time the government took cyber espionage seriously. According to defence analyst Indranil Banerjie, state-owned companies like the National Informatics Centre—which manages the main servers and websites of all government organisations—need to update their security roll-up packages.
The first infiltration into BARC was in 1998, when it was hacked by three members of Milworm, a Pakistan-based hacker group. Since then, BARC servers have been favourite targets for Pakistani hackers. "This year alone, at least one spy program has been detected in a BARC mail server. There have been six other intrusions," says an official.
The first intrusion into IGCAR was reported in January this year when G-Force, a Pakistani hacker group, defaced its main server. Subsequently, other servers in IGCAR have been repeatedly hacked by G-Force. RAW officials have identified one hacker as Rsnake who is said to have copied the master database from IGCAR and provided some data to Pakistani intelligence as proof of his access.
The ISI realised the importance of hackers after BARC was hacked in 1998. The first Pakistani hacker group—Pakistani Hackers Club—was formed by two hacktivists who used the pseudonyms DoctorNuker and Mr Sweet. DoctorNuker took to hacking when he was a computer science student at Karachi University. Along with fellow hacker Dizasta (real name Fahad Shamshek Khan), he started hacking into critical Indian and US servers. DoctorNuker, say RAW officials, was the first hacker whose skills were recognised by the ISI and who, under the latter's directives, focused on critical Indian government servers (especially those relating to nuclear and atomic establishments).
But RAW officials say the most active Pakistani hacker this year has been a person posing as Rsnake, who started hacking from the Netherlands as an employee with the iquip.com group of portals. Inspired by DoctorNuker, he started the hacker group G-Force from Holland. The ISI has now brought him to Pakistan to coordinate other hackers targeting Indian websites.
Says Dr Anurag Singh, CEO of Cyber Security Systems, which is currently in touch with several state-owned institutions and the CBI to help improve their security systems: "The government needs to work on a war footing to check such hackers because servers without security tools reflect the organisation's vulnerability. Besides, it opens the door for an eventual attack on the highly-sensitive internal server."
The US, UK and Australia work jointly to combat cybercrime under the Echelon project. India too needs to put in place a coordinated programme if it wants to safeguard sensitive information.