50% of India’s vital infra under attack

One evening, the power grid fails and the city is plunged into darkness. There is no water in the taps, no piped gas. The next day, you learn the rail network is damaged as many trains have crashed into each other. The airport is dysfunctional too, as airplanes have crash-landed, some even in residential areas. As you contemplate if it could get worse, you hear a nuclear plant is leaking radiation.

Fiction? No, according to the Critical Infrastructure Protection Survey conducted by e-security giant Symantec, which has found that not only there is no system in place to secure networks, gateways, critical communication and information infrastructure in the country, half of India’s critical infrastructure providers have experienced cyber attacks.

Forty-three percent of these providers say that attempts to shut down or degrade their computer network have been effective, while 37% say attempts to manipulate physical equipment through the online network have succeeded. The survey also found that over two-thirds of critical infrastructure providers are experiencing an escalation of these attacks.

This trend shows that the nature of cyber crime has moved from espionage to sabotage, and cyber criminals are now capable of critically compromising national security. Alarmed, and caught napping, the central government has prepared the national cyber security policy draft, which has been submitted to the Union ministry of IT and communication and several other departments for consideration. To be finalised by May, it is expected to be tabled in the parliament soon.

Worm hole
At the forefront of these attacks is the Stuxnet worm, which recently infected a power grid, along with an Air Traffic Control. Though is not known where these attacks took place, a team of experts from the cyber intelligence lab of Symantec detected that the attacks were launched through the Stuxnet worm and India was the third most-affected country.

The worm looks for industrial control systems and changes their code to allow the attackers to take control of the system without the operators’ knowledge. In other words, this threat is designed to allow hackers to manipulate real-world equipment, which makes it very dangerous.

“In the past, politically motivated attacks fell primarily in the realm of cyber espionage or denial-of-service attacks against Web services. However, with the Pandora’s box now opened with Stuxnet, we can expect to see these threats move beyond spy games and annoyances as malware is weaponised to cause real-world damage as more instances of the pursuit to control the digital arms race come to light,” said Shantanu Ghosh, vice president, India Product Operations, Symantec.

Threat control
There have also been several attacks on government websites and networks recently, including railway and ticketing websites, ones which brought down sector networks, besides attacks on private sector websites which caused heavy losses and could have been worse had they not been detected in time. Most recently, the website of the electoral officer was hacked and defaced, compromising data about all the voters in the state.

To deal with this new environment, the policy draft discusses possible threats, their affects and losses, and also comprises recommendations by experts about how they should be tackled.

“Stuxnet, the first computer worm to impact critical infrastructure such as nuclear power plants, water treatment facilities and other factories, reaffirms that cyber attacks have evolved to extremely sophisticated activities capable of compromising utilities, government and private infrastructure, and corporate intellectual property. We are monitoring the online landscape to ensure that India’s critical assets are secured,” said Gulshan Rai, director general, Indian Computer Emergency Response Team, the agency which is tasked with keeping the cyber sphere secure in the country.