Sunday, December 28, 2025

The Challenge Of Cyber Theft And Its Impact On National Security


Cyber intelligence is a strategic necessity in new-age warfare with nations using cyberspace to achieve political, economic, and military objectives without traditional physical conflict. Cyber intelligence allows military and national security agencies to see the unseen and connect the unconnected in a data-driven battlespace. Securing digital information is the cornerstone of national security; vulnerabilities in the digital infrastructure directly translate to national risk. 

Countries big and small are engaged in cyber intelligence and data theft. Many cyber-scam/hacker centres (some state-sponsored) are also involved in data theft. Thailand repatriated 270 Indians working in scam centres to India.

This could be why Thailand demolished the Lord Vishnu statue in the Chong An Ma area, saying this was for the security of the area amid border clashes with Cambodia and that the statue, installed in 2014, was not registered or on an officially recognized religious site. But Cambodia claimed the statue was located within its territory on a legitimate religious site.

The US feared Chinese interference in the presidential elections on November 5, 2024. But a Wall Street Journal report gave details of how the Chinese hacker group ‘Salt Typhoon,’ linked to China’s Ministry of State Security, conducted extensive cyber-espionage operations targeting US telecommunication infrastructure, political figures (including JD Vance), and national security officials for more than eight months. Salt Typhoon’s infiltration of US telecom networks exploited vulnerabilities, even in patched systems, and enabled targeted surveillance of select high-value political and national security figures. The hackers also attempted to re-enter patched systems after being ejected from them by exploiting additional powerful vulnerabilities, some of which weren’t previously known to cybersecurity analysts. According to the Slovakia-based cybersecurity firm ‘ESET’, Salt Typhoon previously broke into government agencies and hotel networks worldwide, including in France, the UK, Israel, Saudi Arabia, Taiwan and Brazil, among other countries. US intelligence warned that China applies AI to stolen data to build social maps and dossiers on millions of Americans, showcasing an advanced mastery of cyber espionage.

According to a report in the Indian media, the Ministry of Defence (MoD) has decided to replace the Microsoft Operating System (OS) in all its computers that can connect to the Internet with ‘Maya’, an indigenously developed Ubuntu-based OS, to prevent cyberattacks by cybercriminals. Maya is currently being rolled out only in MoD computers, not the three Services. The Navy has reportedly cleared Maya for use in its systems, while the Army and the Air Force are still evaluating the software. Maya is also backed by the ‘Chakravyuh’ endpoint protection system.

The report goes on to say that Maya and Windows differ in cost and build. Microsoft sells easy-to-install Windows for a fee. Devices powered by Microsoft’s OS run on the Windows NT kernel, or rather a hybrid kernel architecture: a microkernel design coupled with additional code that helps enhance performance. Apple’s macOS also uses a hybrid kernel, called XNU. In contrast, Ubuntu, the Linux OS that was used to build Maya, runs on a monolithic architecture. Linux versions are called “distributions” or “distros”, and they comprise free and open-source software. Android is also based on the Linux kernel.

India’s switch to the Ubuntu-based Maya OS comes at a time when cyberspace is becoming increasingly vulnerable to malware and ransomware attacks. In December 2020, cybersecurity firm FireEye (now rebranded ‘Trellix’) discovered a cyber spy campaign that compromised dozens of government agencies and private organizations in the US. Hackers found their way into the Cybersecurity and Infrastructure Security Agency (CISA), a unit within the Department of Homeland Security. This was found to have originated from Russia’s SVR, according to FireEye.

In another case, SolarWinds’ ‘Orion’, used by 3,00,000 customers globally, was used by hackers to plant malware masquerading as a software update from the company, with nearly 18,000 customers downloading the compromised software update. Microsoft’s own systems were breached in this attack. Such cyber threats arising from proprietary software are once again making governments globally look at free and open-source software (FOSS) to develop their own OS. According to the Centre for Strategic and International Studies (CSIS), 669 open-source policy initiatives were taken by governments around the world between 1999 and 2022.

China has been cyber-attacking India over the past several years. Chinese hackers are experts in operating botnets used in these attacks. Multiple attacks on networks include targeting organizations such as the National Security Council and defence and security establishments. But India has many more issues in terms of cybersecurity. India’s dependence on Chinese electronic components, telecommunications, and equipment like CCTV poses a significant risk, as China could potentially carry out extensive sabotage at critical moments. Surveys show around 79% of Indian households have at least one Chinese electronic item, with many owning multiple items like phones, LED bulbs, fans, TVs, fridges and toys. India is also dependent on Chinese heavy machinery like tunnel boring machines for metro railway lines and the Ahmedabad-Mumbai Bullet Train project. India’s corporates enjoy the benefit of cheap Chinese components, resulting in Chinese imports booming at USD 100 billion plus. India is allowing Chinese participation in the electronics sector, with officials saying Chinese vendors will not be allowed backdoor entry, which indicates a poor understanding of how craftily China operates.

In October 2024, US-based firm ‘Recorded Future’ noticed that CCTV cameras in Taiwan and South Korea were digitally talking to crucial parts of the Indian power grid. This was a deliberate indirect route by which Chinese spies were interacting with malware they had previously buried deep inside the Indian power grid. Was India even aware, or had it imagined, that such a conversation was possible in the first place? The incident indicated that advancements in digital technology have revolutionised covert operations, making it possible to undertake large-scale disruptions through virtual means, eliminating the need for physical presence or infrastructure.

On March 10, the Babuk Locker 2.0 ransomware group claimed to have siphoned off a staggering 20 terabytes of data of the Defence Research and Development Organization (DRDO), releasing a 753 MB sample online to validate their claim. The data dumped reportedly includes credential logs, classified communications, and technical documents linked to India’s defence apparatus. The classified data, extracted from the personal device of a former MoD official, is reportedly circulating on dark web forums, up for sale. The compromised data includes engineering schematics of advanced weapon systems, details of a new Indian Air Force facility, procurement strategies, and records of India’s confidential defence collaborations with foreign allies. More alarming were evacuation protocols for the country’s President, Prime Minister, and other VVIPs in the event of an aerial attack. If verified, the implications of such a breach are nothing short of catastrophic. DRDO denied the leak, which is hardly convincing, but the damage done to India’s national security is immense.

The rise of private intelligence companies, capable of monitoring and analysing vast quantities of digital data, has transformed espionage into a high-stakes technological competition, challenging state agencies, which implies that China can carry out enormous sabotage at will, especially at critical times. The daily lives of individuals rely more than ever on digital technology: more things run on software (fridges, cars, phones), those things have a greater array of sensors (GPS receivers and radio transmitters) and they are increasingly connected, often over the internet, allowing data, often embodying our most personal secrets. We may have more means to keep our data secret but there is much more data to contend with and multiple sources from where it can seep out in the open, where a sprawling ecosystem of private intelligence can collect, analyse and use it.

It is no secret that despite clear risks, India’s approach to cybersecurity has been lackadaisical over the years. This is because many in the hierarchy believe and even privately say that China and the US already know everything, decoupling is well-nigh impossible and the effort would not be worth it. Moreover, the intelligence agencies, both internal and external, rely more on OSINT and HUMINT, less on technology. In addition, the idiotic release of the intercepted phone conversation between General Pervez Musharraf in Beijing and his Chief of General Staff, Lt Gen Mohammed Aziz, during the 1999 Kargil War caused cessation of the foreign source that had provided the intercept. It is a known intelligence principle that publicly disclosing raw intelligence data can compromise sources and methods, potentially leading to a temporary/permanent reduction in similar future intelligence flows.

As to the switch from Microsoft OS to Maya, Sameer Patil, Senior Fellow at Observer Research Foundation (ORF), says that such a switch to open-source software would take many years because only sensitive ministries will make the switch in the near term. But the danger is that, given the government’s penchant to flag milestones in a hurry, have Maya (and Chakravyuh) been adequately tested and hardened? If not, and they are already loaded on MoD/Indian Navy computers, that would imply a catastrophe.

The author is an Indian Army veteran. Views expressed are personal. 

The post The Challenge Of Cyber Theft And Its Impact On National Security appeared first on N4M (News4masses).



from
https://news4masses.com/challenge-cyber-theft-national-security/
