Cyber warfare: Indian Army boosts its defences
By Sarwar Kashani, IANSSunday, July 18, 2010
NEW DELHI - The Indian Army is fighting attacks in the cyber world with electronic warfare capability of the “highest standard”, say officials pointing out that virtual strikes have shot up from hostile quarters in both sophistication and frequency.
“The army is cognisant of the threat to its cyber space from various state and non-state actors. But our network is well secured in compliance with the highest standards of cyber security,” a senior official in the military headquarters told IANS on condition of anonymity.
The official said the army has established an “impenetrable and secure wide area network exclusively for its functioning”.
Officials in the 1.3 million force privately admit they are facing “next generation threats” and are rather worried over the complex world of cyber warfare amid reports of Chinese and Pakistani spies targeting the Indian military establishment via the internet.
Though attacks from hackers - professional or amateur - can come from anywhere in the world, cyber onslaughts have been more frequent from China and Pakistan, which have reportedly been peeking into India’s sensitive business, diplomatic and strategic records.
As per reports from the cyber industry, China and Pakistan hackers steal nearly six million files worldwide every day.
A report in the US-based Defence Systems magazine found that there were 25 million new strains of malware created in 2009. That equals a new strain of malware every 0.79 seconds. The report underlines how the current cyber threat environment is dramatically changing and becoming more challenging as the clock ticks.
Howevever, the Indian army is confident.
Revealing that secret information had been secured with unhackable electronic passwords, the official said various “cryptographic controls” have been incorporated in the wake of a significant number of viruses, worms and other forms of malware.
To address cyber defence, which is also under threat from terrorist outfits that have their own trained recruits, officials said the army frequently upgrades its comprehensive cyber security policy to pro-actively deal with and anticipate these threats.
The force has established the Computer Emergency Response Team (CERT) to respond to attacks targeting the army’s critical systems and infrastructure.
Another official said the army has its own cyber audit process conducted by cyber security personnel.
“The audit is conducted in accordance with established security standards such as ISO 27001. Audit of the network is a continuous and active process which helps identification and mitigation of vulnerabilities in a network to counter latest threats as also check the network for cyber security policy compliance,” he said.
However, the official admitted there was no room for complacency in times of rapid technological change.
“In the area of cyber space, the battle between hackers and defenders is an ongoing process, influenced by latest technological developments. Due to the dynamic nature of threats, the army is constantly upgrading its network,” he said.
Technology alone, however, cannot guarantee “fool-proof security”, he said, adding the “Indian Army therefore emphasises on the people and the process to achieve compliance of best practices in this field”.
“Regular training programmes are being conducted to enhance user awareness and counter threats like social engineering and phishing,” he said.
(Sarwar Kashani can be contacted at s.kashani@ians.in)