Thursday, November 17, 2011

India’s National Informatics Centre Servers Compromised

Attacking and compromising the servers located in various countries has become a common practice for cyber criminals. By compromising the servers of various nations, these cyber criminals can launch general and sophisticated cyber attacks, without much chances of their identity being known to the victim individuals, organisations and nations.

Cyberspace is boundary less and it is very difficult to prevent cyber attacks from different jurisdictions. Essentially cyber security is an international aspect that must be dealt with at the international level. An international cyber security cooperation and treaty is required that can take care of various issues like cyber attacks, cyber warfare, cyber terrorism, cyber espionage, etc.

For instance, even if a cyber attack can be located to a particular jurisdiction, “attributing” the same to a single individual or organisation/nation is really difficult. This means we cannot pinpoint with absolute certainty that a particular nation is behind a particular cyber attack. This raises a very complicated jurisdictional and attribution problem.

The starting point to gather sufficient information pertaining to cyber attacks existing simultaneously at various jurisdictions is to have an internationally acceptable cyber security cooperation. An internationally acceptable cyber crimes/law treaty is also required in this regard.

Cyber attacks against India as well as from India are increasing. For instance, the servers of the Indian National Informatics Centre (NIC) have been attacked and compromised successfully in recent months and were used to launch attacks on countries including China.

Indian critical infrastructure protection is already in bad shape. Further, we also do not have any critical ICT infrastructure protection policy in India. Indian nuclear facilities are vulnerable to cyber attacks from Malware like Stuxnet. It is also believed that Stuxnet was also responsible for the destruction of an Indian broadcasting satellite.

India is already investigation the Duqu Malware that used the command and control servers located in India. Fortunately Stuxnet virus removal tools and Duqu virus removal tools are already available free of cost that can be used to test various systems for these Malware. Perhaps time has come for a cyber command and control authority of India that can take care of these cyber threats.

No comments:

Post a Comment