Business Standard

What you should know about cyber assaults

Business Standard explains key terms used in the realm of internet-based crimes


Shantanu Bhattacharji New Delhi


Ultimately, the cyber-world is ungovernable. Cyber terrorism is a growing threat, and of increasing concern to governments around the world. And in this flat and fragile world, a few morphed images and spurious texts can unsettle an entire nation. Experts say using cyberspace for settling political scores can prove to be detrimental.

Let's crack the story with numbers: a third of all observed computer attacks from July through September last year came from China, according to a report last month from Akamai Technologies, an Internet services company.

On February 1, anonymous hackers attacked Twitter and may have gained access to the passwords and other information of as many as 250,000 user accounts, the microblogging site revealed.


A day earlier, The New York Times reported that Chinese hackers had infiltrated its computers and had stolen passwords of its employees, and The Wall Street Journal announced that it too had been hacked.

The NYT reported that it had been the target of four months of cyber-attacks, which started during a probe by the newspaper into the wealth reportedly accumulated by relatives of the Chinese premier, Wen Jiabao.

According to the Guardian, the hackers gained entry to the newspaper’s internal systems and accessed the personal computers of 53 employees including David Barboza, its Shanghai bureau chief and author of the Wen exposé, and Jim Yardley, a former Beijing bureau chief.

Google chairman Eric Schmidt uses a new book to call China an Internet menace that backs cyber-crime for economic and political gain.

However, Chinese authorities have denied that Beijing has supported any cyber assaults, stressing that hacking is illegal in the country.

Bloomberg News, another American news organisation, was targeted by Chinese hackers last year, and some computers were infected. The attack occurred after Bloomberg published an article on June 29 about the wealth accumulated by relatives of Xi Jinping, a Chinese official who is expected to become president in March.

In 2010, Google had a very public spat with the Chinese government after it claimed China had led a hacking attack against Google, other technology firms, defense corporations and Chinese dissidents.

Business Standard simplifies the hacking jargon

What is hacking?

In a nutshell, it is a process of exploiting a weakness in a computer network to gain access to it.
__________________

Who is a hacker?

A hacker or White Hat Hacker (also ethical hacker) is one who specialises in penetrating computer systems, finding flaws and holes, and fixing them. Such people are employed by firms with pretty good salaries. They are sometimes called sneakers.
__________________

Who is a cracker?

Black Hat Hackers (or crackers) are those who specialise in unauthorised penetration of information systems. They attack computer systems for profit or fun, or to modify and destroy data.
__________________

Who is a script kiddy?

They are wannabe crackers. They lack knowledge of how a computer really works but use well-known easy-to-find techniques, programs or scripts to break into a computer to steal porn and music files, or send junk mail.
__________________

Different types of hacking: password hacking, phishing and malicious software (malware), which may watch users’ screens, pilfer bank accounts or propagate a social message. Domain name system (DNS) poisoning, or DNS cache poisoning, is the corruption of an Internet server's domain name system table by replacing an Internet address with that of another, rogue address.
__________________

Laws

Section 43 of the Indian IT Act provides for compensation for damage done, and Section 66 provides for imprisonment for up to three years.

Even as the number of internet users continues to rise and the government increasingly seeks to offer citizen-centric services through the internet, data show about half the government departments and ministries in India are vulnerable to data theft, hacking and cyber terrorism.

According to government sources, of about 7,000 government websites, only 3,192 have been audited for information technology (IT) security, while 3,556 others are being audited.
__________________

Top infamous cyber attack cases

A) Yahoo voices

Hackers posted online what they say is login information for more than 450,000 Yahoo users. The hack, which of course was conducted anonymously, was meant to be a warning, according to the Web page where the documents were dumped.
__________________

B) Operation Shady RAT

In 2011, security firm McAfee said hackers had attacked the computer networks of 72 organisations around the world over a five-year period. McAfee, which was bought by Intel Corporation, dubbed the campaign Shady RAT. The victims include the governments of Canada, India, South Korea, Taiwan, the United States and Vietnam. International bodies such as the United Nations, the Association of Southeast Asian Nations (Asean), the International Olympic Committee and the World Anti-Doping Agency were also targeted.
__________________

C) CBI site hacked by Pakistani Cyber Army

In 2010, the website of the Central Bureau of Investigation (CBI) was hacked by programmers identifying themselves as the "Pakistani Cyber Army". The home page of the CBI website carried a message from the 'Pakistani Cyber Army' warning the Indian Cyber Army not to attack their websites.
__________________

D) China 'hijacks' 15% of world's internet traffic

According to a report to the US Congress, China ‘hijacked’ 15 per cent of the world's internet traffic for 18 minutes in 2010, including highly sensitive email exchanges between senior US government and military figures. A state-owned Chinese telecommunications firm re-routed around 15 per cent of all web traffic through its own servers during a brief period on April 8, the report said.
__________________

E) In 2010, Iran confirmed that its nuclear program had been affected by a mysterious computer virus. According to Reuters, a senior official at US technology company Symantec said that 60 per cent of the computers worldwide infected by the so-called Stuxnet worm were in Iran, prompting speculation that the nuclear power plant may have been targeted in an attempt at sabotage or espionage.

In December 2010, the corporate websites of Visa and MasterCard were inaccessible due to an apparent cyberattack by purported WikiLeaks backers. Messages posted on Twitter indicated the attacks may be in response to recent moves by Visa and MasterCard against WikiLeaks.
__________________

F) In January 2010, Google said that it and more than 20 other companies were the victims of a sophisticated cyber attack - later dubbed Operation Aurora - from China-based hackers that resulted in the theft of intellectual property.
__________________

G) In 2011, South Korea was hit by a series of cyber attacks which targeted some of the country's leading websites. Government ministries, the National Assembly, the military headquarters, US Forces in Korea and major banks were among those hit.
__________________

Weapons of a cyber attack

Reconnaissance Tools

Used to gather information about networks and systems to help plan attacks on that system or network.

Scanning Tools

Used for in-depth data mining to get information on a target’s environment, its systems and other details.

Access and Escalation Tools

These allow you to escalate your level of security clearance once you penetrate a network.

Encryption Tools

Effective in hiding data.

Steganography Tools

These are used to create hidden messages through electronic data. For example, a video file with a lot of noise could actually be an encoded message.
__________________

Tips for regular computer and Internet users

I) Make a habit of changing your email passwords every 10 days, and never open your email account in front of anyone.

II) Avoid public cyber cafes. Use a strong password which shouldn't be a name or date of birth or a word from the dictionary.

III) Always use a password containing letters, numbers and special characters, for example, man@18!@.

IV) Always use a good anti-virus, firewall and operating system. Say no to piracy.

V) Never open any suspicious link or open any suspicious attachment in your email.

VI) Don't store passwords in browsers. Storing passwords on a computer is not bad, but make sure the directory containing the password file is password protected, and never forget to password protect your computer.

VII) Beware of lottery and cash prize win notification emails.
__________________

Ten famous hackers

10) Kevin Mitnick

09) Kevin Poulsen

08) Adrian Lamo

07) Gary McKinnon

06) Robert Tappan Morris

05) John Draper

04) The Masters of Deception

03) Matthew Bevan and Richard Pryce

02) Jonathan James

01) Albert Gonzalez
__________________


First Published: Feb 04 2013 | 3:46 PM IST
