Saturday 27 May 2017

‘Sukhoi likely downed by cyber weapons’ (Sunday Guardian)

By M D Nalapat

Given the range of cyber interference, the source of the attack could have been from thousands of kilometres or from only a few hundred metres away. 
Analysts based in the vicinity of New York and St Petersburg warn that the loss, days ago, of an advanced Sukhoi 30 fighter aircraft, mechanically certified as safe, close to the border with China may be the result of “cyber-interference with the onboard computers” in the cockpit. This may explain why even the pilots may have found it difficult to activate safety ejection mechanisms, once it became obvious that the aircraft was in serious trouble, as such mechanisms too could have been crippled by computer malfunctions induced from an outside source. They point to the apparent loss of five Army vehicles, “due (according to the authorities) to a misfired mortar strike” in the same zone, saying that a single mortar round would not have enough firepower to take out such a large number of vehicles. They add that the possibilities are that the damage may have been caused by a larger projectile guided by electronic systems that may have been interfered with during flight. Given the range and complexity of cyber interference, the source of the attack could have been from thousands of kilometres or from only a few hundred metres away. These analysts warn that although India spends over Rs 200,000 crore on defence through the armed forces and another Rs 100,000 crore on security via police units, hardly Rs 4,700 crore gets spent on cyber capability. The analysts spoken to point out that almost all this gets expended on foreign vendors, rather than domestic producers. However, this reliance on foreign shores for defence and security is across the board, so far as capital expenditure is concerned, in contrast to China, which has almost entirely indigenised its capabilities over the past 15 years.
The international analysts spoken to, who are based in Russia and the United States, two of the four giants in the cyber field (the others being Israel and China), point to the devastating effect of the lightning shutdown of the Northern Power Grid on two separate occasions in August 2012. These were attributed by authorities to an “overdrawing” of power by Uttar Pradesh, omitting to consider the fact that such excess power consumption is routine, and that in the past, UP had withdrawn far more electricity from the grid than had been the case when it tripped. They say that it is probable that a cyber-related malfunction of a key gauge may have occurred, leading to the breakdown in supplies. It is pertinent to recall (to illustrate cyber capabilities) that it was at that time that the US and Israel introduced Stuxnet into even non-internet related control systems in the nuclear industry in Iran. As a consequence, the nuclear process gauges showed acceptable speeds, even while remote commands raised the speed of certain processes to unsafe levels, thereby leading to a shutdown in operations. Of course, they add that it is “next to impossible” that either the US or Israel were behind the Northern Grid power outage, although both have the capability to inflict such damage on essential civilian infrastructure, and that the Stuxnet example was only given as an illustration of the lethality of cyber weaponry.
The impact of cyber warfare on complex machinery may be judged by the crippling of the USS Donald Cook in April 2014 by electronic interference sourced from a high-flying Sukhoi-24. Exactly a year later, yet another Sukhoi disabled the USS Theodore Roosevelt (an aircraft carrier armed with multiple defensive and safety mechanisms) in the Baltic Sea. Both naval vessels had to be towed to safety, as their onboard propulsion systems got damaged by electronic interference. Other large-scale disruptions caused by cyber warfare include the crippling of operations of Stockholm airport for three days last year. There had also been large-scale power outages in the US more than a decade ago, after the worst of which a warning was conveyed by US authorities to the (state) perpetrator that the next time around, there would be a disproportionate cyber reaction to the event, targeting the offending country. Needless to say, that was the last time large-scale disruptions of the same kind occurred within the US.
Given the push towards digitalisation by the Narendra Damodardas Modi government since 26 May 2014, the realm of cyberspace has become critical in the security and economic matrix of the country. In this context, cyber theft from banks is a vulnerability which needs to be eliminated. However, as yet authorities have adopted a conventional approach towards such crimes, as for illustration the overnight siphoning of Rs 1,200 crore ($171.2 million) from Union Bank of India on 20 July 2016 through seven “swift” transactions. $166 million was taken from Union Bank’s account in New York Citibank, while $5 million was removed from J.P. Morgan Chase, again in New York. The money was wired to seven accounts: Mrs Pornjit, SIAM Bank, Thailand; Mr Sithonno, Canadia Bank, Cambodia; Sactec Corporation, Sinopec Bank, Taiwan; Mr Cheng Nesgig, Indo-China Bank, Cambodia; and three other accounts.
During the same period, Bank of Maharashtra is reported to have lost Rs 25 crore through fraud in their digital payments mechanism. Interestingly, the same year, a Bangladesh bank lost $89 million in the same manner as Union Bank of India. While the Bangladesh authorities visited Sri Lanka to bring the account holders (into which the cash had been transferred) to justice, thus far authorities in India do not appear to have been to the locations where the money was sent, to interview the recipients. In the Indian cases, authorities focused on backdoor diplomacy to try and get back some of the money stolen, rather than aggressively pursue the perpetrators and the beneficiaries. As a consequence, India is widely regarded globally as a soft target for cybercrime, despite harsh laws on the subject. “What counts is not law but implementation and the capability to react, and in both, India has remained well below its size and potential”, these experts claim. Based in the vicinity of New York and St Petersburg, they warn that the capabilities of Indian authorities in the cybercrime realm are of a “Fourth World” standard. They claim that only Open Source tools are used in this country to track depredators, including by locating IP addresses. However, such addresses can be easily disguised by experienced hackers, thereby leading to the wrong locations being blamed for a cyber attack. Hence, in case an attack comes from a particular country, it is close to impossible for Indian authorities to identify the source, which means that there is no way of knowing who to complain to and about whom. Unlike the US, Russia, Israel or China, where each has the capability to penetrate through such dodges and establish where exactly an attack originated from, India has thus far relied on outside police forces to deal with cybercrime in this country, many of which are in locations compromised by graft and connivance with criminal gangs.
Globally, geopolitics specialists consider Prime Minister Narendra Modi to be among the top four global leaders (the others being Donald Trump, Xi Jinping and Vladimir Putin). They, therefore, expect that India under PM Modi will soon rectify the vulnerability caused by decades of neglect of the fact that the realm of cyberspace is likely to be the theatre of future conflict. MoS (MEA) General V.K. Singh, while Chief of Army Staff, had put together a cyber warfare group, but this seems to have been relegated in importance by his successors. Interestingly, in the US, the backbone of that superpower’s cyber capability in both attack and defence is talent from India, either still holding Indian passports or naturalised citizens. They say that military mishaps which may be passed off as accidents may in fact be the consequence of cyber warfare from unknown sources, as there are multiple groups of experienced hackers globally available on hire to the highest bidder. They say that the creation of stronger firewalls against cyber intrusions, including in the corporate and urban infrastructure sphere, needs to become a top priority of the Modi government as it crosses its first 1,000 days of existence.
