CHANGING PERCEPTIONS OF CYBER WARFARE
Presentation, Higher Command Course
Army College of Warfare
18 October 2003
2
Genesis of the Internet
Rand thesis
Internet a product of the cold war
Paradigm shift – hierarchical to networking
Advent of WWW
Gift of TCP/IP to public domain
3
CYBER ABUSES
CYBER TERROR
CYBER FRAUD
CYBER LAUNDERING
CYBER INFRACTION
CYBER HACKING
CYBER PHREAKING
CYBER HACTIVISM
SPYING
SPOOFING
SNIFFING
SPAMMING
SPINNING
STALKING
SEEDING (Viruses, Worms & Trojans)
4
Maxim
The Internet is the high ground, and a first termer in NDA will know that the first lesson one learns is to occupy high ground and hold it at all costs.
5
6
Cyber Terrorism Threat
The most potent threat vector.
We are victims of polemics and politics of definitions.
What is terrorism?
Is cyber terrorism a hype or for real?
7
CYBER TERRORISM
According to National Information Protection Centre (NIPC), “Cyber terrorism is an act through computers that results in violence, death and/or destruction and creates terror for the purpose of coercing a government to change its policies.”
“Cyber terrorism is the premeditated, politically motivated attack against information, computer systems, computer programmes, and data which result in violence against non combatant targets by sub-national groups or clandestine agents”
8
Cyber Psywar zoom
Cyber anarchy is a vested interest.
Anthrax, SARS and Melissa are more psychological than physical.
We are in permanent and perpetual state of threat.
The Motto: “We need to give them back, something to live for, instead something to die for.”
Cyber security is now a big business
9
Cyber enabled Terror
InfoInfra Terror threats.
Propaganda and psyops.
Communications; crypto, stegano, PGP
Money laundering, hawala.
WMD Int, tech snooping, contact with hackers and criminals.
Proxy operations.
Transacting, shopping and scheduling in contrabands, drugs and weapons
Clandestine meetings and RVs, ICQ, IRC
10
Cyber Terrorism Threat (Contd)
Asymmetric warfare anchors on unpredictable “the unknown unknown.”
Both the perpetrator and the victim deny the impact if not the criminal/terror act.
A virtual attack may coincide with real one, e.g. imagine mayhem if Code Red and 9/11 were mounted simultaneously
11
1. Unknown hacker sends Code Red worm out onto the Internet to find a vulnerable host server
2. The worm propagates to other vulnerable servers, turning them into dummies that infect other servers. This process continues exponentially
3. …Code Red ceases to proliferate, and the numerous dummy servers turn to attack the White House website, attempting to overwhelm its server with junk communications
<whitehouse.gov>
12
Surveillance & Security Industry
The digital surveillance and security industry is growing sharply.
It is expected to cross the $50 billion mark worldwide by 2008.
13
Threats to Infrastructure
The physical infrastructure threat.
Ranges from compromising critical systems to severely affecting them.
Critical physical infrastructure, e.g. power grids, water, railways, dams, hospitals, oil pipelines, TV and AIR stations, telecommunications, air traffic, or any other networked system.
14
Scepticism
“To us cyber terrorism is a lower-level threat”
Marcus Kempe, Director Operations,
Massachusetts Water Source Authority
15
Vitek Boden Exploit
A hacker, Vitek Boden, succeeded in releasing a million litres of sewage into the water supply in Australia after 44 attempts
16
India’s SCADA Systems
SCADA stands for Supervisor Control and Acquisition of Data – these are systems that are cybernated or computer controlled.
30 percent of such networks are accessible by modems connected to public switched telephone networks.
Employees are lax about manual backup.
17
Threat to Data
Compromising critical computer systems to steal or irreversibly damage vital data.
More pronounced against military, R&D, defence production and other sensitive data.
More critical the data, greater the vulnerability.
18
THREATS TO INDIAN CYBERSPACE
Muslim Hacker Club
Al Qaeda network
ISI covert Internet-enabled spy network.
ICT exploitation tactics.
Pak “G” Force, mOs, WFD, PHC and Silver Lords
LTTE cyber hactivism.
Mercenary hackers.
19
20
Cyber Crime – Wide Canvas
Rampant misuse and abuse of e-banking and e-businesses.
Unauthorized access to data.
Forgery of digital signatures.
Infringement of intellectual property rights covering patents and trademarks.
Fraudulent subversion of electronic payment systems.
Spamming.
21
Cyber Crime (contd)
Wars over domain names, browsers and portals.
Monopoly practices.
Commercial spying.
Porno
Growing menace of intruders, masqueraders, and saboteurs in the cyberspace.
22
Security Breaches (1997-2001)
[Bar chart: % of respondents reporting each breach type, by year, 1997 to 2001. Categories: DoS, Laptop, Unauth Access, Virus, Sabotage, IPR theft, System penetration, Telecom fraud, Fin fraud.]
Respondents: 1997 - 484; 1998 - 583; 1999 - 460; 2000 - 428; 2001 - 503
Source: CSI/FBI 2001 Survey
23
Threat Perception by US Defence Science Board in 1996
[Chart: threat categories (State Sponsored, Terrorist, Espionage, Criminal, Individual hacker) plotted by Probability of Occurrence (Low to High) and Potential damage (Low to High), for 1996, 2000 and 2004.]
Source : Jane’s Intelligence Review, Dec 2000
24
25
CYBER SURVEILLANCE
Systematic observation of cyberspace by surfing, sniffing, snooping or other means, primarily for the purpose of locating, identifying, determining, profiling and analyzing by all available and predictable means the transmission of e-mail, movement of packets, file transfer, e-money transactions and subversive activities of criminals, cyber terrorists, hostile regimes and intelligence agencies.
26
CYBER SURVEILLANCE
It equally applies to watch over friendly elements to anticipate and prevent cyber crime and social abuse, carry out counter surveillance and find holes in own procedures and systems of cyber security
27
CYBER INTELLIGENCE
Cyber Intelligence is open-source information minus noise, gathered over the Internet
The product resulting from the collection, processing, integration, analysis, evaluation and interpretation of available information concerning hackers, criminals, terrorists, hostile countries and cyber operations.
28
CYBERINT
[Diagram labels:]
HACKERINT
TERRORINT
E-MAIL INTERCEPTION
WEBINT
OPEN INTELLIGENCE
COUNTRIES OF INTEREST
COMMERCIAL & TRADE-INT
CYBERCRIME INT
IRC
SPYING, SNOOPING, SNIFFING
BB
INT ON SECURITY PRODUCTS
ICQ
29
30
Sun Tse Precepts in Cyber Arena
The PLA’s capability to spy in cyberspace is next only to Echelon, and its capability to wage cyber war and protect cyber assets is next only to NATO.
The scope of Chinese Information warfare spreads over a wide canvas, military, social, economic and political.
Encompasses electronic warfare, attacks on “human cognitive systems,” cyber, signal and signal deception, strategic deterrence,
31
Cyber Warfare is all Deception and Ess Abuses propaganda warfare, psychological
warfare, network warfare, structural sabotage and trade warfare.
The Chinese have no compunctions whatsoever for employing dubious tactics, machinations and subterfuge, e.g. invasion of adversaries’ financial systems, use of computer viruses, human sabotage, disrupting enemies’ economies, or spreading rumours over the Internet and thus psychologically impacting society.
32
Doctrine and Training
“PLA has successfully integrated the latest C4ISRT (Command, Control, Communications and Computers Intelligence, Surveillance, Reconnaissance and Targeting) and information warfare techniques into its war doctrine.”
The Chinese have been conducting training in cyber warfare.
33
Sino-Taiwanese Cyber War 1997-99
Ever since 1997 the Taiwanese and Chinese armed forces have been preparing openly for a long drawn hacker war.
“The wolf has already come. Pick up your hunting rifle!”
The most serious attack has been that of the Chernobyl virus, written by a Taiwanese computer engineering student, Chen Ing-hao.
The virus reportedly impaired 3,60,000 computers in China and caused $120 million in damage.
34
Cyber War -1
Whereas China alleged Taiwanese complicity, the Taiwanese authorities maintained that it was an individual act of crime.
The Guangzhou Military Region, which includes the South China Sea Fleet and the Second Artillery units, was hit and was paralyzed.
35
Cyber War-1
A state of emergency was declared, placing the Nanjing Military Region and the East China Sea Fleet on second-degree combat readiness. This was the first time China’s military entered second-degree combat readiness since the death of Deng Xiaoping in February 1997.
36
Cyber War-1
After the incident, the State Council and the Central Committee Military Commission promptly ordered the formation of a task force composed of General Staff Intelligence Department, General Staff Technology and Communications Department, Ministry of Defence Technological Intelligence Department, Institute of Military Sciences’ Special Technologies Department (also known as Department 553), and Ministry of Security’s Security Bureau.
37
China is reportedly considering developing a fourth branch of its People's Liberation Army devoted solely to cyberwarfare.
"China’s military planners recognize that... over-dependence on information systems is a potential weakness... Combining information warfare - such as computer hacking - with irregular special and guerilla operations, would allow China to mount destructive attacks within the enemy’s own operations systems, while avoiding a major head-on confrontation." (For more on prospective Chinese cyberwar strategies, read Unrestricted Warfare, a book of military proposals written by two young Chinese military officers in February 1999.)
38
China’s Cyberwar Strategies
For more on prospective Chinese cyberwar strategies, read Unrestricted Warfare, a book of military proposals written by two young Chinese military officers in February 1999.
39
Sino-US CYBER WAR 2001
This war started as a sequel to the collision between an American military surveillance plane and a Chinese fighter jet on April 1, 2001.
China launched massive attacks against US Websites including those of
It's (Cyber) War: China v. U.S.
Crackers Expand Private War
FBI Warns of Chinese Hack Threat
40
Cyber War-2
The Xinhua News Agency reported that U.S. hackers have defaced the websites of the provincial governments of Yichun, Xiajun and Beijing, the Deng Xiaoping police force, the Tsinghua and Xinjiang Universities, and Samsung's and Daewoo Telecoms' Korean sites.
41
Cyber War-2
FBI-led National Infrastructure Protection Center (NIPC) confirmed that Chinese hackers had been active in launching Web defacing and distributed-denial-of-service attacks on the Department of the Interior's National Business Center, the U.S. Geological Survey's site and Pacific Bell Internet Services
42
National Security Presidential Directive 16
President Bush signed a directive in July 2002, ordering the government to develop a cyber-warfare guidance plan. The strategic doctrine would detail when the U.S. would use cyber attacks, who would authorize it, what constitutes legitimate targets, and what kinds of attacks -- Denial of Service, hacking, worms -- could be used.
43
The Fifth Dimension
The U.S. government and military have been studying the possibility of cyberwarfare for years, although it has only recently become a realistic threat. The U.S. military is convinced that "operations within the information domain will become as important as those conducted in the domains of sea, land, air, and space." (Source: Joint Vision 2020).
44
The full extent of the US cyber arsenal is among the most tightly held national security secrets. But reports point to a broad range of weapons under development, including use of computer viruses or "logic bombs" to disrupt enemy networks, the feeding of false information to sow confusion and the morphing of video images onto foreign television stations to deceive.
45
Maxim
An extraordinary amount of detailed intelligence is needed about a target's hardware and software systems for mounting a large scale cyber attack. Commanders must know not just where to strike but be able to anticipate all the repercussions of an attack.
46
Indo-Pak Cyber War
* It’s desi hackers vs Pak G Force, N Vidyasagar, The Times of India, www.ofbjp.org
* War in Cyberspace, Priya Ganapati, www.rediff.com
47
Al Qaeda – ISI Gathbandhan
Al Qaeda uses simple hacking tools, e.g. L0phtCrack that can break 8 letter/figure password in two minutes. The tool is freely downloadable.
Al Qaeda doing recce of critical infrastructure, in particular that of US, Russia and India.
Technical expertise: Khaled Sheikh Mohammad studied engineering in a university in North Carolina
48
Gathbandhan (contd)
Some experts had training in computer security.
ISI ran classes at Qandhar and in Malaysia under Muslim Hacker Club. Reports suggest revival.
All money movement is done by e-mail and hawala. None dare burst it
Al Jazeera still gets tapes. Tapes Trail remains uncompromised
49
Al Qaeda connection
A hacker in US opines, “Al Qaeda as a network has known connections to ISI. ISI has contacts with hacker groups operating against other targets. The belief is that if you accept that there is connection between Al Qaeda and ISI and ISI is operating against for example India, then Al Qaeda (even in its present state) would be able to gain access to computer hacks and plan operations”
50
It may well happen in India
Someday Al Qaeda, if it is still alive and operating will use cyberspace as a vehicle for attacking infrastructure, not with bombs but with bytes. It would inflict biggest possible damage with least possible investment.
Richard Clarke, Presidential Adviser for Cyberspace Security (2001-2003)
51
Hato Ashwathama
Let us not be naïve.
There are no ethics in cybersociety
War will continue to be between belief systems
Flesh and silicate pitched against flesh and silicate
52
53
Technologies and Tools
Black bag jobs
Packet Sniffers
Carnivore
Red and Blue Pill
Trap and Trace
Omnivore
Genoa
54
Technologies and Tools (contd)
Protocol Analyser
Blackice Defender
Dsniff
Ethereal
Spyware, e.g. spyBuddy
AntiSpy software
55
Blackbag Jobs
A black-bag operation is a secret break-in by a law-enforcement or intelligence organization. It involves secret search of suspected locations, copying files or other materials.
Besides scrounging trash, electronic and physical surveillance, pen-tests are part of the game. The search sometimes leads to what the hackers call “Rat Racing.”
56
PACKET SNIFFER
A packet sniffer is a wiretap device that plugs into a computer network and eavesdrops on the network traffic. Like a telephone wiretap that allows an intelligence agency to listen in on conversations, a sniffer programme lets someone listen in on computer conversations.
Carnivore is one such packet sniffer or packet filter.
57
CARNIVORE: A PACKET SNIFFER
Carnivore acts like a “packet sniffer”. All Internet traffic is broken down into bundles called "packets". Carnivore eavesdrops on these packets, watches them go by, then saves a copy of the packets it is interested in.
58
Carnivore
News of Carnivore broke in July 2000.
Public furor.
How voracious could Carnivore get?
Can it vacuum up Internet comns from innocent users?
How frequently is it used?
What is the legal basis?
Is it permanently hooked up?
FBI came clean or did they? “Designed to conduct efficient wiretaps of e-mail and online communications involving suspected hackers, terrorists and other criminals.”
59
CARNIVORE
Carnivore is packed in a slim laptop and is described as “a tool within a tool” that enables the FBI, in cooperation with an Internet Service Provider (ISP), to collect counter-intelligence by tapping e-mails or other electronic communications of a targeted user. This is done on court orders. Carnivore is used in two ways, viz. as a "content-wiretap" and a “trap-and-trace, pen-register.”
60
CARNIVORE BOX
[Diagram labels:]
Windows NT or Windows 2000 box with 128 megabytes of RAM, a Pentium III, 4-18 gigabytes of disk space and a 2 G Jaz drive
Hardware Authentication Device
Network Isolation Device
61
Carnivore Box
A COTS (Commercial Off The Shelf) Windows NT (or Windows 2000) box with 128-megabytes of RAM, a Pentium III, 4-18 gigabytes of disk space, and a 2G Jaz drive where evidence is written to
The software is written in C++
The box has no TCP/IP stack, and therefore it is hack-proof.
62
Carnivore Box
A hardware authentication device controls access to the box, preventing personnel from accessing the device without leaving telltale signs. There is also a "network isolation device", which is probably a Shomiti or NetOptics tap.
Some units are rumored to have dial-in modem ports, but it seems that the standard procedure is to have an FBI agent come in daily to exchange the Jaz disk for a fresh one.
63
RED AND BLUE PILL
Carnivore comes in two pills, the “Red” one and the “Blue” one. The former is administered when the ISP claims that it cannot or will not comply with the court order. The Blue Pill is a sophisticated Carnivore programme that scans only e-mails where the ISP cooperates for an investigation. The FBI explains the origin of the codename: "Carnivore chews all the data on the network, but it only actually eats the information authorized by a court order."
64
TRAP AND TRACE
A less invasive wiretap that courts in the US allow without probable-cause. A pen-register records just the telephone numbers of inbound calls to a suspect.
65
IP Sniffing OMNIVORE
Earlier, the FBI was using Carnivore in a mode they call "Omnivore": capturing all the traffic to and from the specified IP address. There are numerous products that can fulfill these types of requirements. The easiest is the freeware program known as TCPDUMP, which is available for both Windows and UNIX.
66
DARPA’s GENOA
CARNIVORE is now known as DCS 1000
Effectiveness under doubt
Genoa provides a cutting edge search engine, sophisticated information harvesting programme and P2P computing methods.
Still in experimental stage.
67
PROTOCOL ANALYSIS
Network wiretaps come with a feature called “protocol analysis,” which allows them to decode the computer traffic and make sense of it. Network sniffing has a distinct advantage over telephone wiretaps, as many networks use shared media, dispensing with the need to break into a wiring closet to install the wiretap. Sniffing can be done from any network connection, and such a tool is called a promiscuous mode sniffer. However, this shared technology is fast changing to switched technology, which implies that a sniffer would have to actively tap the wire.
68
BLACKICE DEFENDER
"BlackICE Defender" has a feature called "Packet Logging". It monitors all traffic to and from the machine and saves it directly to disk just like Carnivore. This feature could be used when there is apprehension of being subjected to an attack. The popular freeware utility known as "Ethereal" can then be used to display the contents of this data. IP sniffing may also be done in a pen-register mode. Many packet sniffers could be used for this capability.
ICE stands for Intrusion Countermeasures Electronics.
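
As an added illustration of the protocol-analysis slide and of the "content-wiretap" versus "pen-register" modes described above (example code written for this transcript, not part of the original presentation and not Carnivore's or BlackICE's code): the Python below decodes constructed Ethernet/IPv4/TCP frames and shows what each mode stores for one specified IP address. The function names, the sample addresses (documentation ranges) and the payloads are assumptions made for the example.

```python
import ipaddress
import struct

ETH_IPV4 = 0x0800   # EtherType for IPv4
PROTO_TCP = 6       # IPv4 protocol number for TCP


def build_frame(src, dst, sport, dport, payload):
    """Construct a sample Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, PROTO_TCP, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return bytes(12) + struct.pack("!H", ETH_IPV4) + ip + tcp + payload


def decode_frame(frame):
    """Protocol analysis: Ethernet -> IPv4 -> TCP. Returns None if the frame
    is not IPv4/TCP or is too short to decode. IP fragments are not reassembled."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETH_IPV4:
        return None
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4                     # header length incl. options
    (total_len,) = struct.unpack("!H", ip[2:4])
    if ihl < 20 or total_len < ihl or len(ip) < total_len:
        return None
    if ip[9] != PROTO_TCP:
        return None
    seg = ip[ihl:total_len]                      # drops Ethernet padding
    if len(seg) < 20:
        return None
    sport, dport = struct.unpack("!HH", seg[:4])
    data_off = (seg[12] >> 4) * 4                # TCP header length incl. options
    if data_off < 20 or data_off > len(seg):
        return None
    return {
        "src": str(ipaddress.IPv4Address(ip[12:16])),
        "dst": str(ipaddress.IPv4Address(ip[16:20])),
        "sport": sport,
        "dport": dport,
        "payload": seg[data_off:],
    }


def pen_register(pkt):
    """Addressing information only: who talked to whom, and how much."""
    return {"src": pkt["src"], "dst": pkt["dst"], "sport": pkt["sport"],
            "dport": pkt["dport"], "bytes": len(pkt["payload"])}


def capture(frames, target_ip, mode):
    """Keep only traffic to or from target_ip, then store what the mode allows."""
    if mode not in ("pen-register", "content"):
        raise ValueError("mode must be 'pen-register' or 'content'")
    stored = []
    for frame in frames:
        pkt = decode_frame(frame)
        if pkt is None or target_ip not in (pkt["src"], pkt["dst"]):
            continue                             # unrelated traffic is never stored
        stored.append(pen_register(pkt) if mode == "pen-register" else pkt)
    return stored


# Constructed sample traffic (not real captures).
SAMPLE_FRAMES = [
    build_frame("192.0.2.10", "198.51.100.25", 40000, 25,
                b"MAIL FROM:<user@example.org>\r\n"),
    build_frame("198.51.100.25", "192.0.2.10", 25, 40000, b"250 OK\r\n"),
    build_frame("203.0.113.7", "198.51.100.80", 40001, 80,
                b"GET / HTTP/1.0\r\n\r\n"),
    bytes(12) + b"\x08\x06" + bytes(28),         # ARP frame: not IPv4
    build_frame("192.0.2.10", "198.51.100.25", 40000, 25, b"DATA\r\n")[:30],
]

if __name__ == "__main__":
    for mode in ("pen-register", "content"):
        print(mode)
        for record in capture(SAMPLE_FRAMES, "192.0.2.10", mode):
            print("  ", record)
```

Both modes see the same packets on the wire; the difference is only in what is written to storage, which is the property a review of capture minimization has to check.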
69
Ethereal
Described as sniffing the glue that holds the Internet
It is a freeware, network protocol analyzer for Unix or Windows.
It allows examination of data from a live network
Interactively browse the data.
View summary and detailed description of each packet
70
dsniff
Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data, e.g. passwords, e-mails, files etc. Its avowed purpose is to create security awareness. However, significantly, it provides useful sniffing/wiretap utilities to hackers that are claimed to be more advanced than Carnivore. See http://www.monkey.org/~dugsong/dsniff/
71
dsniff Websites www.monkey.org www.datanerds.net www.ethereal.zing.org www.sysadmin.oreilly.com www.freshmeat.net www.groar.org www.packages.debian.org
72
dsniff Websites (contd) www.science.uva.nl www.cvsweb.netbsd.org www.rpmfind.net www.linuxsecurity.com www.packetstormsecurity.nl www.itworld.com www.online.securityfocus.com
73
Spyware
- Capture & record every IRC.
- Capture & record banking information
- Capture & record passwords
- Capture & record everything typed or clicked on computer
Some of these software products have the ability to send the above information covertly via email!
If you bank online or access password protected material, your passwords or private banking information can be exposed!
74
SPY SOFTWARE
Downloadable, worth 40 dollars or so
Monitor home PC from workplace or vice versa
Features:
Real-time remote keystroke viewing
Remote desktop viewing
Remote application and task management
Remote open windows management
75
Spy Software
SpyBuddy
Internet Conversation Logging. Ability to log AOL/ICQ/MSN/AIM chat conversations.
Disk Activity Logging. Record all changes made to the hard drive, e.g. directories and files, created, deleted or renamed.
Window Activity Logging
Clipboard Activity Logging
Website Activity Monitoring
76
SpyBuddy
Printed Document Logging
Keystroke Monitoring
Screen Shot Capturing
Webwatch Keyword Alerting
77
Remote Capture
Remote system information viewing.
Remote file system navigation
Remote locking control
Remote Internet connection monitoring
Document history viewing
Mouse freeze control
Remote Website launching.
Remote application launching
Remote shut down
78
Anti-spy software
SpyCop
X-Cleaner
Anti-keylogger
Nitrous Anti-spy
Evidence Eraser software, e.g.
Window washer
Evidence Eliminator Pro
Evidence Terminator
79
Anti-Spy Software
SpyCop
Find computer monitoring programmes used for spying.
Allows you to rename any suspect files
Minimizes software while scanning so you can do other things!
You can right click on files in explorer and scan them for spyware!
Single file scan function built in complete with browse capability
Save results to a text file for future reference
80
SpyCop
Print the results directly from the software
SpyCop icon deters spyware installation
Finds when a spy programme was installed.
Checks if a spy programme is detectable with database search
"LiveUpdate" feature to instantly update database without re-downloading!
Unrecognizable to most spy programmes.
A screensaver which scans the system when the user is absent.
81
Virus scanners don't detect spyware & Firewalls don't stop it!
Many think someone needs access to your computer to install spy software. This just isn't true.
Now there are hybrid versions that can be sent to you just like a virus in email.
Why aren't more people upset about spyware?
82
83
Hacker (and terrorist) profiles are created not by identifying real evidence, but by probing scenarios, resemblances and similarities.
Vranasvich
84
PROFILING & TRACKING TERRORISTS
Est virtual identity before real identity.
Exploit inter group rivalries
Catalogue ustad-shagird relationship.
Model “terror family” tree.
Bio-print
Psy-print.
Form chain of custody of exploits.
Become a chameleon
Play KOOTNITI
85
EWCC LTTE NETWORK
[Network diagram: numbered call signs grouped by station, joined by numeric link labels ranging from 143.310 to 147.430. Station call signs:]
JAFFNA: 1. AMMA 2. ARASU 3. BANU 4. BURMAN 5. CALIFORNIA 6. CHICAGO 7. ESHWARAN 8. KENNEDY 9. LOSANGELES 10. MADI 11. MOSCOW 12. NAKULAN 13. RAHIM 14. SENTHIL 15. VINCENT 16. WILSON
MANNAR: 1. KALI 2. NE 3. N7 4. TIMBU
VAVUNIYA: 1. BAHIR 2. DAYABARAN 3. JESSIE 4. KANNAN 5. MAIN 6. MAHENDRAN 7. N 37 8. SENDAN 9. SHANKAR 10. SUSI 11. VIBULAN 12. VILLAI
KILINOCHCHI: 1. ALEX 2. GRACY 3. KEEDAN 4. PARMALINGAM 5. RADHAN 6. RANJIT 7. ROBIN 8. SELVA
MULLAITTIVU: 1. AC 2. AIERISH 3. ALFA 4. ALLEN 5. BALRAJ 6. CHANDRU 7. CHARLIE 8. CHINANNA 9. DHANAM 10. DIVAKAR 11. FORK 12. IAN 13. KAMAL 14. KUMAR 15. MAHENDI 16. MURALI 17. PASILAM 18. PULLIANDI
BATTICALOA: 1. AGATIAR 2. DILIP 3. KANDAN 4. KARIHALAN 5. KUMAR 6. NATHAR 7. NEWTON 8. RAJAN 9. REAGAN 10. SABASAN 11. SIVAN 12. SURAN
TRINCOMALEE: 1. BONAT 2. CHITRA 3. DAYA 4. DEEPAN 5. GURUJI 6. JENA 7. MAINDAN 8. MICHAEL 9. MOHAN 10. NATHAN 11. HIMAN 12. RADUMAN 13. RAMESH 14. SHARAD 15. SURENDRAN
86
Udhayan, Easan, Kumar, Captain David, Kiruban, Thavoor, Das, Romeo, Menon, Kesavan, Pathi Raththi, Dixon, Pottu Amman
Sivarasan @ Raghuvaran, the 'one eyed Jack'
Ravi @ Ravichandran, Suchindran @ Mahesh, KP @ T.S. Kumaran, A.S. Shanthakumar @ Rajan, Easan @ Easwaran ... Sigirthakumar
87
E IDENTITY TO REAL IDENTITY
Udhayan. Responsible for fabrication of Arul - 89 RPG shells.
Easan. Incharge of hawala transactions.
KP. Highest functionary in SE Asia.
Kumar. Assistant of 'KP' in South East Asia.
Captain David. Commander LTTE fleet of three vessels including Elusia and Sea Bird.
Dixon. Communication expert
Pottu Amman. Intelligence Chief
88
ISI: Cyber Surveillance Profiling
ISI has set up a special wing called National Response Centre for Cyber Crimes (Associated Press, March 13, 2003). “Earlier it had to rely on US investigators to trace e-mails sent by the kidnappers of Daniel Pearl”
89
GLOBAL INFORMATION BASE
USAF Project
Applied System Intelligence Inc. (ASI)
KARNAC (Knowledge-Aided Retrieval iN Activity Context).
Anchored on bunch of technologies and Database Management Systems
Detect, identify and corroborate impending terrorist operations inter alia missions of the like kind
90
SOFTWARE JUNGLEE
Produced by Bangalore-based company Stratify
It sifts through myriad of unstructured information pieces that stream into CIA.
It goes through e-mails, letters and even rumours sent in by the CIA operatives to lend a logical pattern and coherence.
Software understands different languages including Persian, Arabic and German.
Funded by In-Q-Tel
91
CYBER COPS
In 20001, National Science Foundation announced a scholarship programme for training cyber cops.
200 students bachelor's degrees in information technology and computer security at six U.S. universities.
Graduates must work for the government for one year for every year of scholarship support they receive.
92
Universities involved in the Project
Designated "Centers of Excellence" by the National Security Agency. They are
Iowa State
Purdue University
The University of Idaho
The University of Tulsa
The Naval Postgraduate School
Carnegie Mellon University, which is also home to the government's CERT Coordination Center, formerly known as the Computer Emergency Response Team.
93
94
Electronic Communications Privacy Act (ECPA)
Pronounced (ek-pah). This law was designed to clarify how existing wiretap laws apply to cyber space, but at the same time sets boundaries on how much the government could intrude into on-line privacy. Commonly called "Internet wiretap law" The law was originally promoted by privacy and civil rights organizations. However, subtle changes that made it into the final version ended up being what privacy advocates called "a wish list for the law enforcement community"
95
FISA-1978
Stands for Foreign Intelligence Surveillance Act.
It establishes a legal regime for foreign int separate from ordinary law enforcement.
Deter-neutralize-exploit
Special courts
FII Foreign Intelligence Information is defined.
FISA allows surveillance without court order
96
CALEA-94
Communications Assistance for Law Enforcement Act (CALEA) commonly called Digital telephony law was passed by the US Congress in 1994 to allow law enforcement to tap digital lines with the same ease in which they were tapping analogue lines. It required phone companies (common carriers) to make sure their systems would support wiretapping. This required existing systems to be retrofitted (estimated cost: $500 million) as well as to support new technological developments in wiretapping.
97
Patriot Act - 2001
Broadly expands law enforcement agencies’ surveillance and investigative powers.
Aim is to intercept and obstruct terrorism
Contradictory views expressed on the threats to security vis-à-vis threats to privacy
98
How is it different?
Makes it easier for the investigative agencies to use FISA to circumvent Title III.
FISA courts can allow roving surveillance
The standard under which FISA pen/trap orders can be obtained is much lower
Pen/trap orders apply to both wire and electronic comns.
When obtained all pen/trap orders are valid throughout the US
99
Regulatory Investigative Powers (RIP) of UK.
RIP mandates black-boxes to be permanently located at all ISPs, unlike Carnivore, where boxes have to be brought on site for each investigation and removed when the investigation is done. Like Carnivore, a court order is needed. The technology provides an effective mechanism to bypass a constitutionally required process of court authorization for wiretapping of electronic communications.
100
SORM OF RUSSIA
SORM is a Russian acronym for System of Ensuring Investigative Activity. The regulation requires all ISPs to install a “black box” rerouting device and to build a high-speed communication line, which would hot-wire the provider, and of necessity all Internet users to FSB headquarters. FSB is the successor agency to KGB. The agency needs a warrant but that is more of a formality that can be easily dispensed with because of the provision to reroute transmissions in real time to FSB offices.
101
Indian Scene
Section 167 (2) (a) of the Code of Criminal Procedure has been amended in Andhra Pradesh to make the production of the accused for the purpose of remand through video linkage as valid. But for such law, the physical production of the accused for the purpose of remand would have been mandatory. Similarly, recording of evidence through video-conference has been permitted by the Calcutta High Court.
102
103
Let us therefore
Fix the enemy in time and space (Cyber and geographical).
Develop indigenous software that facilitates humans and machines to think and act together. Software that is:-
- Collaborative
- Coordinative
- Cognitive
- Comprehensive (Total Information Awareness)
Destroy, disrupt, deface, deny enemy’s ICT and cyber assets/access
104
Let us therefore
Raise cyberCops.
Revamp our intelligence agencies with intake from technical graduates, preferably trained in IT, biometrics, communications, bioinformatics and cryptography.
In the army, convert Intelligence Corps into a technical arm.
Create expertise within the Services and the DRDO.
Promote R&D in our training institutions
105
Recommendations (contd)
* Creation of a "cyber court" to preside over computer crime.
* Increased participation and data sharing between the services and between the services and the Defence Ministry, particularly from the top down.
* Creation of a National Infrastructure Protection Center.
106
And lastly
Shed anti-technology mindset and stop glorifying technology illiteracy and humint
107
Concluding Remarks
India not only needs cyber warriors but also cyber commanders whose cerebrums are ticking and net-worked, and not clogged by trivia.
Tasmaad uttishth Kauntay udhay krit nishchaya
108