Chinese state-sponsored actors may have deployed malware into Indian power grids and seaports as border tensions between India-China began escalating in May last, culminating in a deadly clash along the Line of Actual Control (LAC) in mid-June.
The alleged cyber intrusion was discovered and revealed by U.S. cyber security and intelligence firm, Recorded Future, according to the New York Times, which broke the story.
An recent grid failure in Mumbai may have been caused by the Chinese malware, as per the report.
China refuted reports that it had initiated cyber attacks against India’s power grid resulting in massive power outages and also claimed that it is ‘firmly opposed’ to such irresponsible and ill-intentioned practices.
Recorded Future, a Massachusetts-based company that studies the use of the Internet by state actors, in its recent report details the campaign conducted by a China-linked threat activity group RedEcho targeting the Indian power sector.
About Cyber attacks:
- Cyber-attacks are defined as “deliberate actions to alter, disrupt, deceive, degrade, or destroy computer systems or networks or the information and/or programs resident in or transiting these systems or networks.”
- Cyber exploitation or cyber espionage, on the other hand, refers to the penetration of adversary computers and networks to obtain information for intelligence purposes; this is espionage, not a destructive activity.
- Cyber-attack weapons are easy to use and they can generate outcomes that range from the simple defacing of a web site to the stealing of data and intellectual property, espionage on target systems and even disruption of critical services.
- Likewise, cyber-attack as a mode of conflict raises many operational issues.
- For example, how will a country know whether it is the subject of a deliberate cyber attack launched by an enemy government?
- How will it prove this?
- Proving attribution in cyberspace is a great challenge. It is extremely difficult to attribute cyber-attacks to a nation-state, since collecting irrefutable evidence has proved elusive in almost all cases of this nature in recent years.
- The very nature of botnets and zombies makes it difficult to do so. This has led many analysts to conclude that the Internet is the perfect platform for plausible deniability.
- Cyber attackers can support military operations. They can disrupt the target’s command, control, and communications.
- They can support covert actions to influence governments, events, organizations, or persons, often disguising whoever is launching those actions.
- Valuable information and state secrets can be obtained through cyber espionage.
Mechanism for Cyber Attacks:
Cyber-attacks can be carried out in a number of ways. Among them:
- Computer-network attacks
- Supply-chain attacks
- Social-networking-led attacks
- Attacks on radio networks for GPS and wireless networks
- Radio frequencies with sufficiently high power to disrupt all unprotected electronics in a given geographical area
Types of cyber threats against nations:
- Cyberattacks can be launched against the critical infrastructure of nations that includes telecommunications, energy, financial networks, transportation systems, and water distribution, among others.
- In many countries, such infrastructure is owned and operated by the private sector. Much of it depends on SCADA systems, which are computer-controlled in a networked environment.
- Taking advantage of vulnerabilities in these systems, attackers can disable them and disrupt essential services.
- An attack on the air traffic control system could not just wreak havoc with flight schedules but also, in the worst case, cause crashes.
- The effects are the same as if the infrastructure were bombed or attacked by some other physical measure, without the enemy coming in by air, sea, or land. Likewise, financial networks can be targeted to disrupt a nation’s economy.
- Banks, stock exchanges, trading, online payment systems, and other transactions of all kinds can be brought to a grinding halt as if these were physically bombed. This is cyber war or information warfare.
- The effects are similar to what would be achieved by Weapons of Mass Destruction (WMD).
Therefore, Necessity of Cyber-Security:
- Photos, videos and other personal information shared by an individual on social networking sites can be inappropriately used by others, leading to serious and even life-threatening incidents.
- Companies have a lot of data and information on their systems. A cyber attack may lead to loss of competitive information (such as patents or original work), loss of employees/customers private data resulting into complete loss of public trust on the integrity of the organization.
- A local, state or central government maintains huge amount of confidential data related to country (geographical, military strategic assets etc.) and citizens.
- Unauthorized access to the data can lead to serious threats on a country.
As we choose to stay connected, we are moving towards proliferation and assimilation of larger data sets, interacting with one another (big data, machine learning, Artificial Intelligence, Internet of Things); this opens the entire ecosystem to larger threats from social deviants.
It is on the individuals as well as the body corporates to preserve the confidentiality, integrity of data, while ensuring that accessibility to the very data is not compromised on any front.
Cyber space infringement is a battle that we fight on everyday basis. India needs stringent laws and policy in place to combat these issues.
The extant legal framework does not sufficiently address the concerns of the sector, and there is an imminent requirement to have a comprehensive legislation in place to address the concerns.
The proactive vigilance observed by the body corporates and private individuals, is also being supported by the insurance industry, where cyber-security insurances have garnered immense popularity, and are augmenting the lack of an effective legal regime.
As we welcome the impending legislation, companies in the healthcare and the banking & financial services sector are ensuring that they rely on their own technical and organizational security measures to ensure that the data available with them is not corrupted or is subject to any unwarranted and unauthorized access.
It is oft said that the future is a click away, it is important that the click does not lead to any pernicious portal.