A Digital Cadre...
- The Union home ministry is supporting the launch of a database of hackers who protect India’s online interests
- India has repeatedly come under attack from hackers who have stolen classified data
- ’Official’ hackers will defend key areas such as banking, telecom, defence etc from cyber attacks
- The database is to be launched at a conference on hacking to be held in Mumbai next week
Having suffered repeated attacks by hackers from across the globe, the Indian government has decided to turn to people who can fight them best—hackers themselves. The Union ministries of home affairs and information, communication & technology are backing a move by the Information Security and Analysis Centre (ISAC), a not-for-profit group based in Mumbai, to launch a pool of hackers who will be trained to protect India’s critical infrastructure, including the banking, power and telecom and space research sectors, from cyber attacks. The National Security Database (NSD) will be launched next week at a hacking conference in Mumbai.
Alok Vijayant, director of the information dominance group at the National Technical Research Organisation, the nation’s chief technical intelligence monitoring authority, says NSD should not be “trivialised” by describing it as just as a group of hackers. “Supported by the government and the industry, NSD is a good initiative, since it will provide a readymade database of the most credible security professionals. This is more so because information security is a domain where individuals have the skills and not companies and they tend to regularly move from one firm to another.”
Hacking attacks targeting India have risen dramatically, especially in the last few years, and have gone beyond just defacing websites. Most of these attacks are thought to have originated from within China and Pakistan. In 2010, researchers from the Munk School of Global Affairs at the University of Toronto found out that a China-based computer spying ring had gained illegal access to Indian government computers and had ferreted out sensitive information related to defence, foreign affairs and the Dalai Lama. The same year a computer worm called Stuxnet, which infects Siemens industrial software and equipments, was reported from across India and suspected to have damaged ISRO’s INSAT-4B satellite. And in July this year, a group of hackers released copies of sensitive correspondence between representatives of the Indian embassy in Moscow and a local military hardware manufacturer.
According to Dominic K., a cyber security expert and a core team member of ISAC, the database will provide an “ecosystem that encourages cyber security specifically focused on protecting India’s interests. Wars in the future will not be fought with guns and bullets but with bits and bytes”.
Interested hackers will be recruited into the NSD after appearing for an exam that will be held at regular intervals and will cost Rs 25,000 for every attempt. Training will be provided for free. Once selected to join NSD, they will be paid a monthly stipend. Some of the domains they can specialise in include fraud investigation, digital forensic analysis. The government will also, from time to time, specify areas where skills may be needed to be built. And given that they will be working for the government, these hackers, according to the promoters of NSD, will also be provided with a legal cover for their hacking activities.
While the government has engaged the services of hackers before, NSD is perhaps the first time it is going to depend on a readily available and structured database of hackers. Given that they will be handling sensitive information, ISAC director Rajshekhar Murthy says it is necessary to have people who are not only competent but also have a high degree of trustworthiness and integrity. “The selection process will involve examination of references, technical skills, criminal history, and even psychological assessment to generate a credit report for security clearance.”