India in the news for cyber espionage

Update Jan 18, 2012
Symantec has announced that they were hacked and the source code has been stolen. This brings a new story within the story.


http://www.reuters.com/article/2012/01/17/us-symantec-hackers-idUSTRE80G1DX20120117


Is this for real? Is there much more to this story? First Yama made huge noises about the hack and all the other stuff, at which point Symantec was quiet, and all of a sudden Yama is quiet. What happened to the Norton source code which was to be revealed and all the documents which were to compromise India?

What I find intriguing is the rant against Sunil Mittal, the Chairman of Bharti Airtel - I mean, why him! Of all the people in the world. And the fact that Symantec may have been hacked way back in 2006 and the disclosure is happening now.



Is this Yama someone who has a problem with Bharti? Is this a social engineering charade? Whatever be the case, someone somewhere must be laughing, someone somewhere must have been booted out of a job, and a lot of people somewhere are working hard trying to unravel this mystery... identify Yama and Co, talk to the US folks, re-establish the identity of a non-aligned nation :) and more...










The last two weeks have seen a lot of media coverage in India and overseas about the disclosure that Indian intelligence agencies had hacked a US-Chinese business association and that major phone manufacturers had been arm-twisted to create backdoors in their devices that allowed the hack-espionage activities to take place.


We read this and similar articles:
China Not The U.S.'s Only Cyber-Adversary
Reports of cyberespionage out of India are a wake-up call for U.S. businesses, government agencies


Then this...

Fake memo but real code? India-U.S. hacking mystery deepens
(Reuters) - A memo that triggered a U.S. investigation into a possible cyber-attack by Indian military intelligence is probably a fake, but it is clear from leaked documents that serious security breaches did take place.



followed up by
An interview with Yama Tough, a member of the Lords of Dharmaraja, on Infosec Island.


All I can say is that the information / misinformation brought about a lot of confusion (who is this LofD and so many people saying so much and nothing), disbelief (India!) and surprise (don't tell me some Indian did this!).


To add to all the information, misinformation, confusion, disbelief and surprise were my own thoughts about this report which I want to articulate here - first there was a categorical denial by one of the topmost Government officials on one of the groups I am subscribed to. This set my mind to rest until the reports got blown up and there was much more on the internet. 


Symantec acknowledged that their source code was compromised, but then I have a question - how many places do you hand over source code? A handful, right... and then if you are handing over source code to anyone you will have some agreements in place and you will always know where it is and how safe it is. It seems Sym is clueless - yes, code is compromised; but where did these guys get their hands on it? They do not know!


Now we read that NAV is also being released - the source code, I mean. We will need more space to hide embarrassed CxOs.


About India unleashing a major cyber espionage initiative, I seriously have my doubts. Ethical hackers, malware specialists, technology gurus are in real short supply for the Govt of India (GoI). The major issue is that government salaries suck and these guys can make more in a day than in a month. Of course there is a small number of geeks and geniuses, but they have their hands full trying to keep the enemies out, so where will they find time to launch an attack! Wishful thinking, and we are still far far away.


From the interview with YamaTough it is obvious he does not have a very high opinion about security in the GoI environment. Some stuff he says about the Government setup is true, so how does one believe that these cloak and dagger organizations have the skills to carry out such an attack?


In any case, let's wait to see the next tranche of documents that are due for release...








