India's top secrets are in Guangdong, China
A successful Chinese hacking attack has caused what is arguably the biggest security breach in India, with the systems of hundreds of key DRDO and other security officials compromised, leading to the leak of sensitive files related to the cabinet committee on security (CCS), the highest decision-making body for security issues of the government of India.
The other stolen files recovered so far belong to the governments of the United States, Russia, and South Korea.
The leak was detected in the first week of March as officials from India’s technical intelligence wing, the National Technical Research Organisation (NTRO), working with private Indian cyber security experts, cracked open a file called “army cyber policy”. The file, which had been attached to hacked email accounts of senior DRDO officials, spread through the system in a matter of seconds.
As Indian security experts began to track its origin, they discovered, for the first time, that all the sensitive files stolen from the infected systems were being uploaded to a server in the Guangdong province of China.
So far, Indian intelligence has never been able to pinpoint a hacking attack with such accuracy.
As they continued to trace the breach, they discovered thousands of top secret CCS files, and other documents related to surface-to-air missile and radar programmes from DRDL, a DRDO laboratory based in Hyderabad, among many other establishments.
Even the e-tickets of the scientists who had travelled to Delhi in the last week of February were found on the server.
The intelligence officials also discovered documents of deals struck between DRDO and Bharat Dynamics Ltd, a defence PSU which manufactures strategic missiles and components. Some other recovered files were related to price negotiations with MBDA, a French missile manufacturing company.
But the shocking part was the extent of the hacking by the Chinese, believed to be officially sponsored.
The officials began to find files related to the Russian military as well as files that belonged to CSRDC (Centre for Security Research & Development Center), which comes under the United States department of Homeland Security’s Science and Technology directorate. Some files from NASA too have been recovered so far. All this was discovered after cyber security officials of the Information Dominance Group (IDG) and private Indian cyber security officials began to track down the “NetTraveler Trojan and Key logger” that had infected Indian systems. The other files recovered belong to South Korea, Russia, and the United States.
For a server of its size and capacity, believed to be worth almost Rs150 crore in the open market, it hosted just six domains. This is highly unusual because a server of this size usually has over 10,000 domains.
This meant that the server was being used for a specific purpose. Initially, it took time to decipher the files since they were all encrypted. But after the key was found, the decryption of the files began and, to their horror, Indian intelligence officials discovered this massive breach of security.
Source: HJS