Seeing red in hacker nation
The next big war will be fought in Cyberia. India’s giant neighbour is working hard at it.tech reviews Updated: Feb 13, 2010 17:58 IST
Up north and west, US troops and drones fight on in Afghanistan. Nearer home, little border skirmishes keep our armed forces busy. But across the planet, there’s another war going on – in cyberspace.
Last year, Estonia’s Internet infrastructure was taken down by attacks from Russia, after a dispute over a world war memorial. Russia has a legion of cyber-warriors, both freelance and state-sponsored. But those prolific attackers have a new competitor. Some 90 per cent of intrusions into US defence systems or other networks now come from China, which also regularly targets British government offices. Over 60 per cent of all cyberattacks on German systems come from China, mostly from the cities of Lanzhou and Beijing, and Guangdong Province, centres of high-tech military operations.
How difficult is it to launch a cyber-attack? Not very. Take the person who decided to hit Swedish mobile-phone giant Ericsson. He sent out a mail saying that Ericsson would give you a free phone “if you forward this mail to eight others each – mail with a copy to anna.swelund @ericsson.com”. Within days, millions of mails brought down Ericsson’s network. Piece of cake – or dosa.
The DoSA – or Denial-of-Service Attack – launches an enormous amount of traffic aimed at a site or network, overwhelming it. Real users find they cannot reach the site. But there are many weapons used in a modern cyberwar.
Cyber espionage goes on all the time. It’s about getting secrets from people – from passwords and financial details, to government secrets. Pretty easy, in India. Most senior Indian government officials prefer to use a Gmail or Yahoo account over their government email system, and keep falling prey to phishing attacks.
From 2003 onward, Chinese military hackers launched a series of coordinated attacks on US computer systems, for over a year (look up ‘Titan Rain’). They cracked many networks, including NASA’s and Lockheed Martin’s. In 1999, a series of attacks originated in Moscow, where hackers reportedly picked up classified naval codes and missile system information (search for ‘Moonlight Maze’).
And last month, Google reported “highly sophisticated attacks on our infrastructure” from China – all aimed at Chinese human-rights activists’ Gmail accounts. And said that Chinese-origin attacks on Gmail accounts of human rights activists around the world were “routine”.
Google said it would stop censoring its search results in China, as Chinese law required it to do, and might thus even (to the delight of Baidu, the home-grown search engine and the dominant player in China) pull out of China. An explosion of hacking attempts on Gmail accounts followed. Google sulked, China sneered, Baidu cheered.
After a piece I wrote about China’s cyberwar got picked up over 50,000 times on the web (see bit.ly/PKR-China) I found repeated hack attacks on my Gmail, password change attempts, and lockouts.
Then there’s Web vandalism: defacing web pages. Hackers in Pakistan have done that to Indian sites. Or the vandal may hijack the address: for instance, typing TCS.com on February 7 took you to another site, saying TCS.com was for sale. All this rarely does real damage, unless the vandals go further and steal data or money (from a bank site).
More serious is the equipment disruption attack, which can intercept military orders, even missile launches. This is among the most serious kind of attack. The attacks could be on the military command system, or on military infrastructure, or even on critical civilian infrastructure, such as power and communications, during warfare.
And you may have compromised equipment with malicious software hidden inside. That’s why the Indian government is wary of allowing Chinese firms to bid in critical telecom equipment tenders.
China is a rogue nation, a military dictatorship masquerading as a people’s government. It is an apparent economic success, but its aspiration to economic superstardom is not compatible with its politics. Its system is backed by raw military power. Its guiding principles are control and paranoia. All media is censored. Politely disagree, and you are locked up for 11 years. If you were in China writing what I am writing here, you would disappear.
China has been waging a low-intensity cyberwar against India and others: businesses, and all “enemies” – human rights activists and dissidents. Our former national security adviser admitted to Chinese cyber-attacks on the PMO; our military agencies don’t ever admit to anything. The next war will be fought not with conventional or nuclear weapons, but in cyberspace. Despite our business technology prowess, India is the Athens to China’s Sparta. We are ill-equipped to fight this war.