China Not The U.S.'s Only Cyber-Adversary Reports of cyberespionage out of India are a wake-up call for U.S. businesses, government agencies


By Kelly Jackson Higgins  Jan 11, 2012 | 05:41 PM

China long has been the focus of U.S. authorities and security researchers as a major source of cyberespionage against the U.S., but potential new evidence of targeted attacks by India against the U.S. demonstrates just how widespread cyberspying might be.

Even with increasing questions today surrounding the authenticity of a purported Indian military document leaked by a group of self-professed Indian hackers who claim to be part of the Anonymous hacktivist movement in the wake of an investigation into whether India pilfered emails from the U.S.-China Economic and Security Review Commission, the events have spurred discussion about cyberespionage by nations other than China, which has been synonymous with the advanced persistent threat (APT).

As with any intelligence campaign, the subterfuge makes it difficult to pinpoint with certainty who did what, why -- and even whether the hackers are who they say they are. In the latest development, Infosec Island today reports that the hacktivists, who call themselves the Lords of Dharmaraja, showed the news site evidence that Indian government cyberspies gained access to U.S. government agency networks, including a sample of some 68 username/passwords from federal agencies. The hackers say they nabbed those by infiltrating servers at the India Ministry of External Affairs and the National Informatics Centre.

That same hacker group also has claimed responsibility for grabbing Symantec Norton antivirus source code, though Symantec said the code was old and not stolen directly from its servers. In addition, the group claims to have hacked other businesses and that its main motivation is to disrupt the Indian government and push for a more "pro-American" climate, according to the Infosec Island report.

As experts debate whether the memo leaked by the Lords of Dharmaraja is legitimate and truly implicates the Indian government in cyberespionage, cyberespionage experts say the bottom line is that China isn't the only player in that game.

Art Coviello, executive chairman of RSA Security, says assuming targeted, cyberespionage-type attacks are solely out of one nation is naive. "It's very dangerous to point a finger at a particular country. You can draw inferences from ... circumstantial evidence," Coviello says. "To think it's just China or Russia or the U.S. or India is naive."

Experts like Coviello say it's likely that nations conduct some level of spying. "The question becomes, is it traditional spying in the time-honored sense that they've been doing? Or is it more economic or is it potentially a military preparedness use of a cyberattack? All of these things need to be studied and evaluated," he says.

Much of the so-called APT-type attacks have had ties to China, of course, including the Aurora campaign that hit Google, Adobe, Intel, and other major corporations. But that doesn't mean other nations shouldn't be on the lookout list, experts say.

"This is exactly what I've been warning about for several years: too much focus on China while missing everyone else, including Allies," says Jeffrey Carr, CEO of Taia Global. Carr believes that if India could be waging traditional spying as well as grabbing intell for a competitive edge like China does.

Carr says it's likely the military memo claiming mobile phone surveillance is a fake:"The Lords of Dharmaraja are mixing authentic stolen data with invented scenarios in order to get more publicity for themselves," he wrote in a new blog post.

[ It's not about prosecuting the nameless, faceless attackers behind relentless targeted attacks -- it's about minimizing the damage they incur.
See To Catch An APT. ]

Several elements of the Indian hacktivist claims don't add up neatly, expert say. The U.S. China Commission, for instance, appears to be an odd target for Indian intelligence unless the actors are after information on what the U.S. knows about China. Sources told Reuters today the Indian military memo could be a fake due to some inconsistencies. But so far, no one knows for sure.

Richard Stiennon, chief research analyst at IT-Harvest and a cyberespionage expert, says he's not surprised that India would be interested in Chinese intelligence. "China and Pakistan are India's biggest geopolitical interests," he says. "We've seen more interest in cybersecurity in India" of late, he says, especially after the recent discovery of breached Indian military servers that were being used as part of a botnet.

If the Indian military memo is legit and not a forgery, Stiennon says, then it represents the first real piece of public evidence of cyberespionage. "This would be the first time we've gotten a look at proof of espionage between India and the U.S.," he says. Even the highest profile APT-type attacks like Aurora weren't fully disclosed with documentation that pointed to Chinese cyberespionage, he says.

And as is common with these types of attacks -- where the perpetrators hide behind layers of IP addresses and other walls -- there's still no confirmation that the Indian hacker group is who it says it is. "When we see an attack from an IP address from China, it could be a stopping-over point for another hacker or country," Stiennon says. "We don't know about this group in India: Are they actually another nation-state? Is it Pakistan trying to strain the relationship between the U.S. and India?"

Read the article online here: http://bit.ly/xDv1Cq

Comments

Post a Comment

Popular posts from this blog

Report: World’s 1st remote brain surgery via 5G network performed in China

World’s 1st remote brain surgery via 5G network performed in China Published time: 17 Mar, 2019 13:12 ·           A Chinese surgeon has performed the world’s first remote brain surgery using 5G technology, with the patient 3,000km away from the operating doctor. Dr. Ling Zhipei remotely implanted a neurostimulator into his patient’s brain on Saturday, Chinese state-run media  reports . The surgeon manipulated the instruments in the Beijing-based PLAGH hospital from a clinic subsidiary on the southern Hainan island, located 3,000km away. The surgery is said to have lasted three hours and ended successfully. The patient, suffering from Parkinson’s disease, is said to be feeling well after the pioneering operation. The doctor used a computer connected to the next-generation 5G network developed by Chinese tech giant Huawei. The new device enabled a near real-time connection, according to Dr. Ling.  “You barely feel that the patient is 3,000 kilometers away,”  he said.
Read more

Visualizing The Power Of The World's Supercomputers

Visualizing The Power Of The World's Supercomputers   BY TYLER DURDEN FRIDAY, JAN 21, 2022 - 04:15 AM   A supercomputer is a machine that is built to handle billions, if not trillions of calculations at once. Each supercomputer is actually made up of many individual computers (known as nodes) that work together in parallel. A common metric for measuring the performance of these machines is  flops , or  floating point operations per second . In this visualization,  Visual Capitalist's Marcus Lu uses  November 2021 data from  TOP500  to visualize the computing power of the world’s top five supercomputers. For added context, a number of modern consumer devices were included in the comparison. Ranking by Teraflops Because supercomputers can achieve over one quadrillion flops, and consumer devices are much less powerful, we’ve used  teraflops  as our comparison metric. 1 teraflop = 1,000,000,000,000 (1 trillion) flops. Supercomputer Fugaku  was completed in March 202
Read more

BMW traps alleged thief by remotely locking him in car

BMW traps alleged thief by remotely locking him in car Stealer's Wheel? Seattle police department quotes "Watchmen" movie in a recap of the recent arrest. Tech Culture by Gael Fashingbauer Cooper December 4, 2016 5:00 PM PST It's maybe the most satisfying arrest we can imagine. Seattle police caught an alleged car thief by enlisting the help of car maker BMW to both track and then remotely lock the luckless criminal in the very car he was trying to steal. Jonah Spangenthal-Lee, deputy director of communications for the Seattle Police Department, posted a witty summary of the event on the SPD's blog on Wednesday. Turns out if you're inside a stolen car, it's perhaps not the best time to take a nap. "A car thief awoke from a sound slumber Sunday morning (Nov. 27) to find he had been remotely locked inside a stolen BMW, just as Seattle police officers were bearing down on him," Spangenthal-Lee wrote. The suspect found a ke
Read more