China’s Cyber Warfare: IS INDIA BATTLE READY?

by Team FNVA

Col (Dr) PK Vasudeva (Retd)

On 30th June last, India woke up to Chinese hackers having broken into sensitive naval computer systems in and around Visakhapatnam, the Eastern Naval Command’s headquarters. Worse, they planted bugs (virus) that secretly collected and transmitted confidential files and documents to Chinese IP addresses.

This is significant given the fact that the Eastern Naval Command plans operations and deployments in the South China Sea, the theatre of recent muscle flexing by Beijing, and beyond. Also, India’s first nuclear missile submarine, INS Arihant, is currently undergoing trials at the Command.

Recall, cyber espionage first came to light in January-February last. Wherein New Delhi immediately got naval resources and other cyber forensic agencies to track down the hackers.  Needless to say, Beijing had been accused earlier too of using “cyber battalions”, specially trained military staff, to break into sensitive computer systems across the world.

Undeniably, it has used its expertise as a cyber-power to access highly confidential information relating to national security of other countries, including India. In fact, New Delhi should take note of this, not only because of its historically contentious relationship with Beijing but also due to China’s “all weather friendship” with Pakistan. Especially against the backdrop of Islamabad continuing sponsorship of terror across Indian borders especially Jammu and Kashmir.

Pertinently, just as armies fight on land, navies at sea, and air forces in air, national cyber-forces now fight in the online world. Indeed, cyber warfare is the new emerging battle front. Sadly, it is a battle that India is ill-equipped to wage. Resulting in the country being under-defended against sustained, damaging State-level cyber attacks.

Asserted renowned virus hunter Mikko Hypponen to India Site: “We’ve traced most of the cases of hacking against India not to Pakistan, or Russia, nor anywhere else, but to China.”

Undoubtedly, China has a large cyber army besides using a network of patriotic and mercenary hackers which enables the State to deny responsibility. As Beijing has extensive control over its Internet, it needs no rocket science to decipher that these attacks are pre-planned as a part of its Government’s military strategy.

In fact, there is nothing to stop China, unless India develops its own tools for cyber warfare, warns the National Technical Research Organisation (NTRO), the agency principally involved in investigating the damage caused by Chinese hackers. This outfit is directly under the Prime Minister.

Notwithstanding, New Delhi and Beijing might be talking peace, but it still has to address and grapple with how it will counter this full-blown cyberspace war. A TV media channel recently presented a frightening scenario. Showcasing how Chinese hackers targeted Indian computers with their deadly digital arsenal.

Significantly, with a staggering $55 million annual budget pumped into its devious science of strategic hacking, nothing is sacred for Chinese hackers. Given that Beijing views India as its biggest enemy. According to Toronto University’s Munk Centre for International Studies, Chinese hackers are known to function as a covert arm of the Chinese navy. And like Pakistani jihadis, the Chinese Government denies their existence.

Furthermore, hacking is institutionalised in China wherein virus writing is taught in Chinese military schools. Along-side, the art of hacking is very much a part of the training imparted to a growing army of nearly 10,000 cyber soldiers.

In addition, the Red Hackers Alliance, the fifth largest hacker group in the world, is known to render services directly to the Chinese Government. With the Alliance at its disposal, Beijing enjoys supremacy in hacking techniques.

The Chinese hacking force uses malware, spyware, key loggers, Trojans, bots and malicious code generators to break into Indian computers, copy documents, ex-filtrate sensitive material and bug classified correspondence. Basically, without a dedicated Indian cyber-security organisation, the country will remain a sitting duck.

It is no secret, that the country faces increased cyber warfare than most nations in the developed world. A prominent Russian security expert Dmitri who has worked with the Indian Government, averred:  “A State-funded terrorist group, perhaps pushed by some elements of a Government, could be a danger. For the foreseeable future the threat from Stuxnet like attacks will come from nation States”.

Adding, “India is definitely at risk as it is in a very unstable part of the world with a constant threat of war. It should assume that it will be compromised, and ask how to ensure that it doesn’t break the country, economy or damage national security.”

As it stands, in the last three months, 112 websites of the Government have been hacked by a Pakistan-based group known as H4tr ck. Whereby, the authorities have finally woken up to the fact that India is facing a major cyber threat that might continue unabated for sometime.

Recently, the Bharat Sanchar Nigam Limited’s website was among those which were hacked. Also targeted were websites of the Union Human Resources Development Ministry, Union Finance Ministry, and Union Foreign Ministry as also various State Governments and educational sites.

Remember, New Delhi was left red-faced when the Central Bureau of Investigation’s high profile website was hacked a few months ago. According to sources, crucial data on the website was either lost or deleted due to the attack.

World-wide many countries are busy setting up systems to battle cyber warfare. In 2009, US President Barack Obama declared America’s digital infrastructure to be a “strategic national asset,” and a year later the Pentagon set up a new U.S. Cyber Command (USCYBERCOM), headed by National Security Agency’s (NSA) Director to defend American military networks and attack other countries’ systems.

Ditto the case with the European Union which has set up ENISA (European Network and Information Security Agency) with further plans to significantly expand ENISA’s capabilities. The United Kingdom too has a cyber-security and “operations centre” based at the Government Communications Headquarters (GCHQ), British equivalent of US’s NSA.

All in all, despite efforts to ramp up a cyber army, the Government’s cyber defences are only as strong as their weakest link.  The National Technical Research Organisation, the apex group under the Prime Minister’s Office tasked with India’s cyber-security, responds to the attack and neutralizes it. But not before discovering that some of its machines have been under hostile control for over two years.

Therefore, India needs to urgently install a Cyber Command like the US under the Chief of the Defence Staff (CDS). The Government needs to wake up before it is too late. —- INFA

