Chinese cyber-attacks on the Indian government are in line with Beijing’s strategic doctrine, reports Anirudh Bhattacharyya.world Updated: Apr 12, 2010 00:42 IST
Chinese e-spying on India’s diplomatic missions and defence establishments is much more widespread than previously thought.
The Canada-based Information Warfare Monitor (IWM), which discovered this some months ago and revealed it publicly last Tuesday, says this has been going on for a long time.
“There is growing evidence to suggest that the level of compromise in India is greater than in other states, partly because India was heavily targeted,” says Greg Walton, an associate with the SecDev Group, a part of IWM.
There was, however, a sense of déjà vu at IWM’s discovery.
A March 29 report last year by IWM had said Indian institutions were vulnerable to cyber-espionage, especially to computers and servers being infiltrated by malware originating from Chengdu in central China.
Following that report, the ministry of external affairs introduced new protocols for sensitive information to maintain “digital hygiene” — GhostNet, the name given to Chinese network of hackers, had targeted nine of its missions.
But the new report, titled Shadows in the Cloud: Investigating Cyber Espionage 2.0, released last Tuesday, makes it clear that the penetration of the Indian government digital assets has not diminished.
If anything, says the report, the latest Chinese cyber-infiltration of Indian systems is far more sophisticated. Whereas GhostNet (discovered last year) merely watched, Shadow Network (the one discovered this year) has electronically stolen entire documents, many of them classified or confidential.
But this time, unlike last year, India was probably aware of what was going on. On February 24, the Canadians held a conference call with officials from India’s National Technical Research Organisation (NTRO), the part of the Research and Analysis Wing (RAW) that handles cyber-espionage.
“I was able to infer they were also actively investigating a case more or less related to this. They were conducting a parallel investigation,” says Walton. The Indian government refused to comment on the issue.
Adds Ronald Deibert, director of Citizen Lab, part of the Canadian team, from Toronto: “We gave the Indian embassy in Washington a thorough overview. I would be astonished if the protocols were not changed given how badly India was hit. That suggests a deep level of penetration.”
But these interactions took some effort on IWM’s part. As Deibert explains, this was partly because Ottawa was proving unhelpful. “So, our team had to pursue an independent line of notification,” he tells Hindustan Times.
Two weeks ago, Deibert met with Minister of State for Communications and Technology Sachin Pilot in Toronto. “He was very graceful and was, understandably, extremely concerned.”
Walton, a Buddhist sympathiser, did much of the fieldwork, spending more than four months in India, largely in Dharamshala. It was Chinese electronic eavesdropping on the Tibetan government in exile that sparked the Canadian team’s work.
The NTRO was informed of the “characteristics” of the stolen documents in “detailed Excel spreadsheets”.
Walton’s assessment is that what has been published is just “a glimpse of the problem”.
The IWM team is “open to offering any assistance within our capabilities”, says Deibert.
But, he adds, his team is still awaiting “guidance” from New Delhi on how to “dispose” of over 780 documents that it has collected during their investigations, some marked “Secret” and “Confidential.”
First Published: Apr 12, 2010 00:41 IST