Away from the bombed- out roads in rural Georgia, the site of a war with Russia, another battle is on. Some say it’s a virtual war as its aim is to destroy the opponent’s Web and Internet communication assets. But in a seamless world that depends on such “invisible” infrastructure, the fight is very real.
In the conflict in the Caucasus, websites of the Georgian President and the foreign ministry have been defaced.
These might be annoying and it has been argued that such attacks were a response from Russian nationalists. But there’s more at stake here.
In many cases, vital internal communications, not only between armed forces, but also for utilities such as power stations, oil and gas pipelines, electricity grid controls, etc., rely on Web-based controls. Taking over the control of such assets and then disabling their functioning, via the Internet is much cheaper when compared with sending soldiers and warplanes on perilous missions to destroy them.
The Russians are not the only ones who are adept at such tactics: The Chinese, the Brazilians and a host of other nations have legions of skilled information technology (IT) specialists good at such tasks.
It’s not surprising that advanced industrial nations take such threats seriously. The US department of defense, for example, set up the Defense Cyber Crime Center (DC3) in 2001. DC3 is tasked with counter-intelligence, digital forensics, intrusion response and training missions. These are distinct from cybercrime operations that are run by law enforcement agencies. This separation is for a good reason.
Normal cybercrime leaves some kind of trail: money, suspect transactions, suspicious use of networks of computers for crime, etc. In case of intrusions for political purposes (as in a war), none of these distinctive features is visible. As a result, a very different response is needed. This has to be military in nature.
India also faces such threats. Yet, efforts at safeguarding such takeover of vital communication and other infrastructure are at a rudimentary stage. With a large IT talent base, the country should have no problem in handling such threats. The problem lies in coordination, where India is a laggard.
What should India do to protect itself from cyber attacks? Write to us at firstname.lastname@example.org