Defence ministry sounds red alert on web spying
New Delhi: India’s defence establishment has sounded a fresh red alert over the need to ensure physical as well as cyber security of classified information in light of increasing espionage attempts by foreign intelligence agencies, especially from China and Pakistan.
Citing “inputs” from the home ministry and elsewhere, the defence ministry has directed the armed forces and other organizations working under it to strictly implement the fresh security measures to prevent the leak of classified matter.
“Defence personnel, especially those serving in lower formations, privy to sensitive information relating to organization/matters pertaining to the armed forces continue to be targets of foreign intelligence espionage efforts/ agents,” said the MoD directive, issued on March 12.
Some of the security instructions deal with monitoring photocopying machines, police verification of all staff employed on “an outsourced basis”, restricted access to divisions dealing with confidential matters, close watch on suspicious conduct, caller ID spoofing and the like.
But the bulk of them are connected to cyber-security and computer-usage norms. They range from strict access control and proper firewalls to bridge the “air gap” between secure and insecure networks and curbs on use of digital storage devices.
“There have been cases of data being leaked through the use of pen-drives, removable hard disks and CDs. Moreover, Chinese hackers have also broken into military networks through worm-infected USB devices to exfiltrate information,” said an official.
Interestingly, in its publication, The Science of Military Strategy, this month, China for the first time admitted that the People’s Liberation Army has specialized cyber warfare units. While both China and Pakistan have been bolstering their capability to wage war in the virtual arena, the former has made it a top military priori- ty. “China regularly hacks into sensitive computer networks of countries like India, the US, the UK and Germany,” said a senior officer.
“China has at least a couple of hacker brigades, apart from over 30,000 computer professionals in its militia. It also has civilian teams empowered to undertake similar intelligence and computer network attacks,” he added.
Targeted cyber attacks can hobble, and even destroy, strategic networks and energy grids, and financial and communication info-structures of an adversary. Iran, for instance, learnt this the hard way when the Stuxnet software “worm” crippled its nuclear programme five years ago.
But even as countries sharpen their cyber-weapons, India continues to drag its feet in setting up a tri-Service Cyber Command, which was proposed by the chiefs of the staff committee a couple of years ago.