Agape Blog

In wake of cyber terrorism, US President Obama stated last June in its new cyber security plan “The new approach starts at the top, with the commitment from me: From now on, our digital infrastructure — the networks and computers we depend on every day — will be treated as they should be, as a strategic national asset,” in his briefing he said “Protecting this infrastructure will be a national security priority. We will ensure that these networks are secure, trustworthy, and resilient. We will deter, prevent, detect, and defend against attacks and recover quickly from any disruptions or damage”. Obama noted that cybersecurity is a “matter of public safety and national security”.

A month after his declaration, many government and some other websites in the US & South Korea have been crippled by a distributed denial of service attack. What’s interesting is the way the virus seemed to succeed in an unexpected way by sending erstwhile allies. The attack was largely built from the MyDoom virus, first exposed in 2004, so presumably the cadre of infectable machines was low (some 50,000 to 65,000 machines were infected), and seem to be located mainly in China, Korea and Japan. The purpose of most “Distributed Denial of Service” attacks is to create nuisance.

Investigators in the U.S. face a steep task in trying to trace the attack to its source. The assault involved more than 1,00,000 zombie computers (it is a a home-based PC that a remote attacker has accessed and set up to forward transmissions including spam and viruses to other computers on the Internet) linked together in a network known as a “botnet.” Most of those computers were in South Korea, but others were in Japan, China, the U.S. and possibly other countries. The assault began July 4 and targeted dozens of government and private sites in the U.S., including some federal agencies that were shut down for days. Treasury Department and Federal Trade Commission Web sites were knocked out by the blizzard of digital requests.

The officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved the Pyongyang government.

It’s a high time that need compulsory & requisite attention on cyber security to protect the confidentiality, integrity, and availability of information in today’s highly networked systems environment.

To log online Cyber Crime Complaint call our Toll Free No. at 1800 209 6789 (For India Only) Or visit us at www.agapeinc.in.

Jayesh Bellani
Executive: Fraud Management System

Today, terrorism is not restricted at striking and damaging the physical targets of the Government. Striking at “Economic Targets” and undermining the economy of the country is also considered an important terrorist strategy. Also, many vital Information assets are today owned by non Government sector and excluding them from being considered as potential terrorist targets under POTA could be an oversight.

India may be the most vulnerable place in the world now for physical terror attacks, but our country is equally vulnerable to cyber terrorism.

The terrorist propaganda using the Internet is intense, and encompasses not only websites but also blogs, social networking sites like the Orkut — and other areas of the cyberspace, including email groups and even recorded messages left as voice mails.

The other problem with regard to these websites is that, these sites are hosted from developed countries in the EU like Germany, Spain, Italy, France and the likes, where such websites are not under close scrutiny of the respective governments. Terrorist keep on changing their web interfaces, fearing imminent ban by the authorities. The clever use of cyberspace then, makes tracking of propaganda all the more difficult.

Passive ideological war is not the only form of cyber terrorism India suffers from; the country is also attacked routinely by terrorist hackers who snoop into government owned websites and personal computers for monetary gains. That is why, besides ramping up the country physical security infrastructure, the government also needs to ramp up the country’s cyber security infrastructure to prevent cyber attacks. India needs a well planned Anti Cyber Terrorism Action Plan to prevent the country being devastated through the invisible Cyber space attacks. Presently there are established laws that govern the Terrorism. However, there are no special laws governing Cyber Terrorism.

Special laws governing Cyber Crimes became effective in India with the passage of Information Technology Act 2000. Subsequently, the special act for Terrorism, POTA was also enacted. We need to therefore look at the laws governing Cyber Terrorism within these laws and any other associated legislation that may come into effect by cross reference including the IPC. Information Technology Act-2000 addresses some issues of Cyber Crimes but does not adequately address the issues of Cyber Terrorism.

Cyber Terrorism is a growing menace in the Cyber space and poses, many challenges to the Law Enforcement Agencies. In order to assist the Indian law enforcement agencies in improving their capabilities to handle Cyber Terrorism, it is necessary to make appropriate legal changes to include Cyber Terrorism under POTA, create a public support system for Ethical Hacking and Cyber Patrolling and also accept Counter Attacks as one of the effective strategies for curbing Cyber Terrorism.

Adnan Patel
Executive: Fraud Management Services

Cyber Crime is a daunting reality today. It affects every individual connected by a computer or technology. You may not be a hacker but your computer is a potential weapon for criminals to use to attack and damage countries, corporations and even mastermind the destruction of human lives. “Everyone must be aware of the risks that cyber crime and cyber terrorism poses, as ignorance may lead to huge losses and even endanger lives.” Even the participants of the EC-Council Asia Pacific Roundtable Forum unanimously responded to this statement.

Information security is not simply the responsibility of network administrators only, it is the responsibility of every internet user as their ignorance may result in millions of dollars in losses and even the loss of lives. The lack of education among both the users and authorities often results in allowing criminals easy access to even the most high tech security areas. One of the leading cyber crime expert said “No one treats a cyber crime like a murder case, often evidence cannot be used legally as it has been contaminated by the victim or the incident handler, allowing these criminals to escape prosecution.”

Truly, many times people simply ignore to follow certain basic rules like keeping their passwords private or securing their WiFi connections. And they only realise about theor mistakes when it is too late. This is where proper legislation, awareness and education among all levels right from the top management level to even security guards in any corporation is required to ensure the eradication of cyber crimes.

To address & debate internet security issues the World Council for Corporate Governance of UK (WCFCG) together with its associate the International Academy of Law, India (IAL), and in partnership with Cyber Law College are organizing an International Conference on Cyber Security in New Delhi on 29-30 Nov, 2008. The theme for the conference is “Legislation, Monitoring & Enforcement of Cyber Laws”.

Law makers, Governmental policy makers, Legislators, Business leaders, IT experts, eminent jurists, enforcement organizations, academics, bankers & reputation agents are expected to participate. This conference will aim for the formulation & implementation of holistic measures for development, legislation & enforcement of laws for Cyber Security to contain terrorism & promote public interest. Sharing of knowledge & experience of leading Information Technology Experts & Companies, enforcement agencies & jurists in adopting strategies & processes for improving Cyber Security.

Attending this conference would be some eminent personalities like Shri Kapil Sibal, Prof Howard A Schmidt, Dr. Robert Erbacher, Dr. PR Stephenson, Dr. Madhav Mehra and many more. Surely you cannot miss the opportunity of being a part of this conference.

For paticipation details, visit http://www.wcfcg.net

Cyber terrorism and cyber crime are leading to huge losses for many individuals and organizations. There are people sitting in the comfort of their home and are attacking other systems for their malicious intent. Such activities have been discussed at many conferences and events and various solutions are discussed. But implementing these solutions is not easy, as it requires a change in the mindset and old day processes.

Here are some links which discuss modern day solutions for this serious issue.

1. EC-Council, the world’s leading e-business and security certification organization discusses about Modern Defenses against cyber crime during its inaugural Asia-Pacific Roundtable Forum in Kuala Lumpur. Read more

2. How hackers targeted the presidential campaigns of Barack Obama and John McCain to trick users into downloading malware. Read more

3. Why Pakistan sets death penalty for cyber terrorism? Read more

With the financial crisis affecting USA severly, it has also affected other countries. This has resulted in a complete turn around in terms of the spendings worldwide. And with such tight situations, online financial fraud has witnessed a soaring growth.

Britan has been the worst affected country after witnessing a soaring cyber crime rate in 2007. A recent report published by an online firm stated that cyber crime in the UK rose by more than 9 percent in 2007. According to Tom Ilube, chief executive, Garlick, majority of the crimes committed online were in relation to fraud and abusive or threatening emails leaving more than two million people prone to online harassment.

The study further revealed that the online crimes were being committed by professionals and one could expect an overall increase owing to the credit crunch that would led many people to perform illegal activities. It’s critical in this time of financial crisis that individuals are vigilant with their personal information, because as long as the credit crunch continues, the growth in online financial fraud is bound to increase.

Cyber Terrorism - a term coined by the media and not the security agencies, has been extremely prevalent in recent years. A teenager spelling doom over a country by using the internet, are stories which used to be mentioned in movies and novels, few years ago. But with the advancement in technology they are becoming a reality today. These are cases of cyber terrorism.

There are several ways that a terror group can use the internet to inflict economic or morale damage to a nation and perpetrate cyber terrorism. One such way is by attacking economic and government communication networks. Ranging from defacing a website to denial of service (DoS) attacks, such attacks can vary in damage from minor embarrassment to catastrophic social and financial losses.

Today, the internet is full of videos and detailed manuals of how to build, do-it-yourself (DIY) bombs, mechanical weapons, etc. This provides a common man, access to such unhealthy information and then groups are formed to execute a mission.

There are many examples of cyber terrorism like, the recent attacks on Estonian government websites. Individuals like Gary McKinnon who hacked into the Pentagon and other military installations and using computer viruses and worms as platforms of protest. One of the most damaging attacks was the infection of NASA’s computer network with the WANK (Worms Against Nuclear Killers) worm in 1989.

One thing which comes out from this discussion, is that terrorists are using the cyber space to execute their dangerous missions. There are many security conferences, held around the globe that talk about the ways of curbing this menace. Surely, such awareness and knowledge will help in fighting cyber terrorism.

The recent bomb blasts in Bangalore and Ahmedabad were cases of cyber terrorism. An email was sent to a few media houses minutes before the first blast with a challenge to Indian law enforcement agencies to prevent the blasts in the shortest possible time. The Internet protocol, or IP, address of the sender led investigators to a Wi-Fi Internet connection of an American couple living in a flat in Mumbai. Even though the couple claims to be unaware of any such activity, the possibility of their Wi-Fi being hijacked cannot be overlooked. The terrorists have mastered the art of using cyberspace to their advantage, and yet remain anonymous.

Given below are some tips to prevent your Wi-Fi from being hijacked:

1. Change the default SSID name and disable SSID broadcasting
2. Change the default setting of the Wireless Routers
3. Enable MAC address filtering
4. Turn on Encryption
5. Disable the auto-connect feature

Suraksha was a complete security exhibition organised in Jaipur. Many companies had participated in it to inform people about the products that can help in preventing cyber frauds and providing security to confidential data.

| View | Upload your own

I found out a very helpful article on the existence of cyber terrorism and how different organisations are trying to combat it.

Here’s the link: http://www.crn.com.au/Feature/4652,does-cyberterrorism-exist.aspx