‘Malware reads like Chinese, may not be from China’

Updated on Aug 27, 2012 11:04 PM IST

The Chinese have gained notoriety for cyber hacktivism, but not everything that comes with the dragon’s signature may have originated from there.

Hindustan Times | New Delhi


Alok Vijayant, a key official of the National Technical Research Organisation (NTRO), India’s technical intelligence agency, has advised experts against jumping to conclusions while investigating cyber attacks.

“Don’t believe everything you see because we have investigated a couple of malware (malicious software) that had distinct signatures of the Chinese (but found that they were red herrings),” Vijayant told forensic and cyber security experts at a conference held this week.

When researchers dug deeper, they found that the software program in Chinese script was nothing more than gibberish. Stating that the malware continued to work even when that part of the program was removed, Vijayant said it must have been an attempt to deliberately lay the blame at China’s doors.

“You have to be very careful, because you are the people who will eventually have to analyse such malware for government agencies,” he said at the OWASP InfoSec India Conference on Friday.

However, this doesn’t mean that the Chinese are all clean. Given the dubious reputation earned by Chinese software developers, Australian defence minister Stephen Smith and his entourage decided to play safe and leave their mobile phones and laptops behind in Hong Kong before visiting Beijing in June.

Chinese software programmers depend a lot on malware for gaining IT dominance, an Indian intelligence official said, adding that the current Chinese strategy was to collect information from other countries.

A model unveiled by Vijayant at the security conference showed how covert cyber attacks – which leave misleading footprints – could be used to drive a wedge between different countries. “A distinct signature may not be what you actually want to look at,” he told his audience of security experts. “I am not going to write a Tamil script into my malware if I am to push it through … The beauty of the game is to stay anonymous.”

  • ABOUT THE AUTHOR

    Aloke Tikku has covered internal security, transparency and politics for Hindustan Times. He has a keen interest in legal affairs and dabbles in data journalism.
