A lot happened while you were sleeping last night, and much of it won’t be reported in the news today. Silently but with great precision, hackers around the world have been attacking various websites — it’s the new frontier of politics. And unless we understand the many layers of the web, we’ll be caught up in it.
Paint me a picture, you ask. Here goes: The Eastern Railway website was hacked into last month, its scroll changed to read “Cyber war has been declared on Indian cyberspace by Whackerz-Pakistan”, apparently in revenge for Indian violation of Pakistani air space. An Israeli news website, Debka, blamed cyber terrorism for its site shutting down following the Gaza attacks. And Jane’s Intelligence Group (UK) just reported that Al Qaeda has been using online gaming websites to launder money to finance its activities.
Online crimes come in various sizes. There are some against persons, such as child pornography. There are some against property — corporate espionage, banking fraud, defacing websites. Hackers; those who “destroy or delete or alter any information residing in a computer resource, or diminish its value or utility, or affect it injuriously”, according to the Indian Information Technology Act, 2000, have also taken to social networking sites with great enthusiasm. Group discussions tend to turn rowdy, and in the end, resemble a drunken bar fight. Facebook has been caught up in a virtual war. A group formed to collect 500,000 online signatures in support of Palestine was hacked into by the Jewish Internet Defence Force, which closed the group, signing off with ‘Israel forever’. The Palestinian hackers, not to be outdone, reacted by taking back their group and posting a cartoon of Calvin urinating on the Israeli flag.
But a more sinister avatar has surfaced as crimes against the State. Organized hackers go into government websites to collect information. Last December, reports emerged that the prime minister’s email had been hacked -- and traced back to China. In the same month, the internal communication network of the Ministry of External Affairs was hacked into, as was the website of the State Bank of India. Even the German Chancellery and Pentagon have been victims.
This isn’t science-fiction, and books like Scott J. Henderson’s The Dark Horse, are very real. Henderson explores what Military Review magazine has termed China’s “active offence” online, and reveals that the Chinese government supports hackers who travel the internet in search of information crucial to other countries. India is one such favoured destination. As a response, the US, Russia and even China, employ ‘ethical hackers’ to hack into their systems to reveal any vulnerabilities that the malicious hacker could exploit. One of the worlds leading ethical hackers, Ankit Faria, has stressed the need for India to wake up, but even as late as December 2008 National Security Advisor M.K. Narayanan stated that India had “limited resources” in this regard. The fallout of this can be lethal -- imagine state secrets in the hands of the enemy.
We are all too familiar with hearing news of terror emails being ‘traced back’ to some location, but it is not enough. Cert-In (Indian Computer Emergency Response Team) set up by the Department of Information Technology, has been pushing for a national cyber security policy that will require government offices to keep updated with the latest security developments and also come up with a crisis management plan. Whats more, new amendments to the IT Act, 2000, have removed all references to ‘hacking’ (which was earlier said to be a crime based on intent and knowledge) and limited it to an activity that requires ‘permission’. Further, the Act makes no reference to the multi-jurisdictional issues involved when the attack is from another country, and makes all cyber crimes bailable offences, allowing our illustrious hacker to go home to delete all evidence of his crimes. “A toothless tiger,” is what Pawan Duggal, a cyberlaw expert calls it.
We need more bite for our byte.