India prepares crisis management plan to counter cyberattacks

India’s Minister of State for Communications & Information Technology, Sachin Pilot in a written reply informed Rajya Sabha that the Government has taken several measures to detect and prevent cyber attacks/espionage. The reply stated that as per existing computer security guidelines issued by Government, no sensitive information is to be stored on the systems that are connected to Internet.

The Government has also formulated Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors. The organizations operating critical information infrastructure have been advised to implement information security management practices based on International Standard ISO 27001.

Ministries and Departments have been further advised to carry out their IT systems audit regularly to ensure robustness of their systems. The Indian Computer Emergency Response Team (CERT-In) has already empanelled a number of penetration testing professionals through a stringent mechanism of selection to carryout audits. National Informatics Centre (NIC), providing services to Ministries/Departments is continuously strengthening the security of the network operated by them and its services by enforcing security policies, conducting regular security audits and deploying various technologies at different levels of the network to defend against the newer techniques being adopted by the hackers from time to time.

The Information Technology Act, 2000 as amended by the Information Technology (Amendment) Act, 2008 which came into force on 27.10.2009 provides legal framework to address the issues connected with hacking and security breaches of information technology infrastructure. Section 70 of the Act provides to declare any computer resource which directly or indirectly affects the facility of Critical Information Infrastructure, to be a protected system. Section 70B has empowered Indian Computer Emergency Response Team to serve as national nodal agency in the area of cyber security.   The Indian Computer Emergency Response Team (CERT-In) scans the Indian Cyber Space to detect traces of any untoward incident that poses a threat to the cyber space. CERT-In performs both proactive and reactive roles in computer security incidents prevention, identification of solution to security problems, analyzing product vulnerabilities, malicious codes, web defacements, open proxy servers and in carrying out relevant research and development. Sectoral CERTs have been functioning in the areas of defence and Finance for catering critical domains. They are equipped to handle and respond to domain specific threats emerging from the cyber systems.

CERT-In has published several Security Guidelines for safeguarding computer systems from hacking and these have been widely circulated. All Government Departments/ Ministries, their subordinate offices and public sector undertakings have been advised to implement these guidelines to secure their computer systems and information technology infrastructure. CERT-In issues security alerts, advisories to prevent occurrence of cyber incidents and also conducts security workshops and training programs on regular basis to enhance user awareness.   Ministry of External Affairs has also issued a comprehensive set of IT security instructions for all users of MEA and periodically updates them on vulnerabilities. The Indian Missions abroad have been regularly sending information on safe computing practices. All personnel posted to Indian Missions and Posts abroad are being imparted IT security training.

US Strategy for Cyberspace says that US will retaliate hostile acts in cyberspace with military means

“When warranted, the United States will respond to hostile acts in cyberspace as we would to any other threat to our country. We reserve the right to use all necessary means – diplomatic, informational, military, and economic – as appropriate and consistent with applicable international law, in order to defend our Nation, our allies, our partners, and our interests. In so doing, we will exhaust all options before military force whenever we can; will carefully weigh the costs and risks of action against the costs of inaction; and will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support whenever possible.”

That isn’t a proposal from a technically challenged US Senator, but the text from the new US International Strategy for Cyberspace. This means you DDoS US and they’ll retaliate with missiles. This is perhaps the most extreme defense strategy against cyberattacks that any country has ever proposed, leave alone implementing it.

The new US cyberspace policy is meant to encourage ‘responsible behavior’ and oppose those who would seek to disrupt networks and systems, thereby dissuading and deterring malicious actors, while reserving the right to defend these vital national assets as necessary and appropriate. According to the policy, the United States will continue to strengthen its network defenses and its ability to withstand and recover from disruptions and other attacks. For those more sophisticated attacks that do create damage, US will act on well-developed response plans to isolate and mitigate disruption to its machines, limiting effects on our networks, and potential cascade effects beyond them.

The new policy has come in the wake of increasingly number of attacks on critical infrastructure that can potentially disrupt power, water and other utility services in the United States. More so, US on many occasions has indicated that they have ‘concrete evidence’ that the cyber attacks on their military websites and sensitive establishments have been coming from China, which is increasingly getting hungry for information.

Governments snooping more and more on Internet

Freedom on the Internet is coming under more and more threat from governments around the world, according to the second ‘Freedom on the Net’ (FOTN) report by the Freedom Institute for 2011.

The study of 37 countries found former Soviet republic Estonia to have the freest Internet, with a restriction of just 10 points, followed by the United States with a restriction score of 13.

The most restricted Internet is for users in Iran, Cuba, China and Burma, with restriction levels of between 83 and 89 (out of 100).

The overall trend, the report found, was towards less and less freedom on the Internet as governments become more and more alarmed at or better at controller what they consider uncomfortable exchange of information and co-operation through the Internet.

“Of the 15 countries covered in the pilot [report of 2009], a total of 9 registered score declines over the past two years,” the report noted.

Freedom House is an international non-governmental organization (NGO) based in Washington DC that conducts research and advocacy on democracy, political freedom and human rights, known for its annual report on democratic freedoms in each country.

Even in the newly added countries, the report, compiled by more than 40 researchers based around the World, found evidence of a “negative trajectory,” in at least half of them in the last two years.

It found increased government blocking, filtering, legal action, and intimidation to prevent users from accessing unfavorable content and in other places, cyberattacks, misinformation, and other indirect methods to alter the information landscape, such as creating dummy sites.

“These states are increasingly blocking and filtering websites associated with the political opposition, coercing website owners into taking down politically and socially controversial content, and arresting bloggers and ordinary users for posting information that is contrary to the government’s views,” it pointed out.

It held the increased governmental nervousness in many repressed countries to the role played by Internet-based organization and communication tools like Facebook, Twitter etc.

“In 12 of the 37 countries examined, the authorities consistently or temporarily imposed total bans on YouTube, Facebook, Twitter, or equivalent services,” it noted.

The report found that out of the total 6.5 billion people in the World, over two billion now have access to the Internet — nearly double that of five years ago.

• Specific examples of Governments blocking or manipulating Internet chronicled in the report include the following:South Korean authorities blocked access to an estimated 65 North Korea–related sites, including the official North Korean Twitter account, launched in August 2010.
• A Chinese woman was sent to a labor camp over a satirical Twitter message,
• An Indonesian housewife faced high fines for an e-mail she sent to friends complaining about a local hospital.
• A 19-year old Tibetan was detained after looking at online photographs of the Dalai Lama.
• A Thai judge in March 2011 sentenced a web developer to 13 years in prison for comments he posted and for refusing to remove the remarks of others.
• In Thailand, at least one editor is facing criminal charges over reader comments that were critical of the monarchy.
• In Belarus, the country’s largest ISP, the state-owned Belpak, redirected users from independent media sites to nearly identical clones that provided misleading information, such as the incorrect location of a planned opposition rally.
• In Egypt, officials shut down the Internet nationwide for five days in January in an unsuccessful attempt to curb anti-government protests. The operation was accomplished within the span of one hour.
• The award for the best anti-freedom activities on the Internet was given to the Chinese government.

Among the strategies developed by the Chinese government, it is hiring people to post pro-government comments in discussion to drown dissenters and complainers. Such people even have a name, the “50 Cent Party”, the report noted.

“Recruiting advertisements for similar commentators have reportedly begun to appear on Russian job sites,” it pointed out.

“China has emerged as a major global source of cyberattacks. Although not all attacks originating in the country have been explicitly traced back to the government, their scale, organization, and chosen targets have led many experts to conclude that they are either sponsored or condoned by Chinese military and intelligence agencies.

“The assaults have included distributed denial-of-service (DDoS) attacks on domestic and overseas human rights groups, e-mail messages to foreign journalists that carry malicious software capable of spying on the recipient’s computer, and large-scale hacking raids on the information systems of over 30 financial, defense, and technology companies, most of them based in the United States.

“In addition, independent analysts have detected cyberespionage networks that extend to 103 countries as part of an effort to spy on the Tibetan government-in-exile and its foreign government contacts,” the Washington-based organization noted.

Anonymous officially denies involvement in PSN outage

Sony’s Playstation Network is still suffering an outage even after more than 48 hours since it began. According to Sony’s blog, the interruption in service may last into the long weekend – for at least another “full day or two”.  Sony released a statement through its EU blog, saying that the network outage may be a result of “targeted behaviour by an outside party”, brining in the possibility of cyberattacks. Adding to the confusion is the fact that the message has since been removed. The hacktivist group Anonymous has been suspected for the attacks since the group openly warned Sony against attacks last week. However, tired of the allegations against it, the Anonymous has finally officially denied any involvement.

In the official statement, Anonymous today said, “While it could be the case that other Anons have acted by themselves, AnonOps was not related to this incident and takes no responsibility for it. A more likely explanation is that Sony is taking advantage of Anonymous’ previous ill-will towards the company to distract users from the fact the outage is accutally an internal problem with the companies servers.”

The PSN users are highly annoyed with this incident as they cannot play their favorite PS3 games online on this long weekend. There couldn’t have been a worse time for an outage of this proportion.