The National Security Advisory Board (NSAB) has recommended formation of a central cyber security command on the lines of the US Cyber Command (USCYBERCOM) set up last May to fight back the new generation attacks on the government’s computer systems and networks.
A policy paper of the board stresses need for such a command not only to prevent any leaks of the sensitive information but also to ensure the valued government data is not hacked or destroyed by anybody from outside or from within the system. The document gives an insight to a lot of work done by China for inflicting damage to the computer networks in other countries.
The latest such attack was made on the website of Central Bureau of Investigation (CBI), purportedly from Pakistan, destroying all the data on its website (cbi.nic.in) which is still not up even after 11 days of struggle by the National Informatic Centre engineers who maintain the government websites. Luckily, the intruders could not get into the CBI’s computer that stores the sensitive data, inaccessible easily from the Internet.
India does not have the risk of wiki type leaks as access to the classified and sensitive material is limited to a very limited number of top officials unlike even a corporal having access to the diplomatic cables of the US missions, the government sources say.
Moreover, they say the government organisations doing the sensitive works have been already ordered to prepare cyber crisis management plans.
Defence and nuclear installations had upgraded their measures and laid down standard operating procedures even before wiki-leaks started trickling early last July, when Iranian nuclear facilities in Natanz were reportedly hit by a computer worm Stunxnet.
This work is touted as the first discovered worm that spies on and reprogrammes industrial systems. Russians described it as a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world.
Only the other day Defence Minister A K Antony admitted in Parliament that India is already exposed to the possible cyber attacks and explained how the top army brass was working in unison to make cyber systems secure and non-porous to protect systems.
“The paradigms of security in the age of information technology are seldom constant. The evolving security matrix is complex and calls for co-operation and coordination of the highest level,” Antony said.
Earlier last month, he also told the army commanders that cyber attacks were “fast becoming the next generation of threats” and as such, no single service could work in isolation. “We need to make our cyber systems as secure and as non-porous as possible,” he said.
The assertion comes amid frequent attacks and the subsequent alerts sounded by the army authorities over China and Pakistan-based cyber spies peeking into India’s sensitive business, diplomatic and strategic records.
The policy paper distributed by NSAB among the country’s strategic community stresses on simultaneous creation of a security centre that should monitor cyber operations and undertake active monitoring of cyber space.
It also stresses need for funding to develop innovative technologies to protect the Indian networks and promote growth of critical skills in the arena.
The research paper, titled “Informationising Warfare” warns that “as China grows militarily and economically, its resultant strategies are all likely to expand, especially in the cyber warfare arena.” Perhaps the most crucial among the beyond rules criteria is manifested in the form of “asymmetric warfare” — for instance, cyber attacks directed against data networks.
“The primary idea is to strike in unexpected ways against vulnerable targets,” the paper says, stressing that India has to prepare for these strategies that do not fall in the terrain of the present defence structure of Indian Army, Indian Air Force and Indian Navy, the researcher underlined.
The research paper quotes two Chinese strategists explaining a “combination scenario” being tried by China in which it secretly musters large amounts of capital and launches a sneak attack on an adversary’s financial markets.
Subsequently, it inflicts a computer virus and hacker attachment in the opponent’s computer systems and attacks his networks to disrupt and paralyse the networks of civilian electricity, traffic dispatch, financial transactions, telephone communications, and mass media, thereby causing social panic, street riots, and political crises for the adversary, the paper said.
The cyber warfare consists of two types: Cyber attacks and cyber protection. Cyber attacks include virus attacks and hacker attacks. Computer virus attacks refer to operational actions that use computer viruses to destroy or tamper information stored in computer systems in a manner that they do not work properly.
“In the military field, the core equipment of military information systems and cyberised weapons are all likely targets of computer virus attacks. Computer hacker attacks refer to those actions taken by hackers to intrude upon and destroy an opponent’s cyber systems,” the paper stressed.
It points out that Beijing is also pursuing a diverse and comprehensive portfolio of space warfare investments since the late 1980s. The status of these programmes runs from advanced concept development and testing, through product engineering evaluation, line-level manufacturing and acquisition from foreign sources, to integration as war-fighting capabilities into the Chinese armed forces.
“The evidence suggests that these programmes are protean: They lend themselves to steady evolution across the spectrum, from space denial to space dominance, if Beijing’s political goals change over time, though at present and for the foreseeable future, they are optimised for the space-denial mission,” the paper said.
Its stress is that the defence planning and implementation in future has to incorporate the virtual word to limit physical damage to the real one as China is increasingly integrating computer technology into modern military organisations to play the twin roles of being both a target and a weapon.
Cyber forces are most likely to be integrated by China into an overall battle strategy as part of a combined arms campaign. The aim is to increase the ‘fog of war’ for the enemy and to reduce it for one’s own forces—to be achieved through direct military strikes designed to degrade the enemy’s information-processing and communications systems or by attacking the systems internally to achieve, not denial of service, but a denial of capability.