11:06 PM
Amarjit Singh
Every officer of the Indian Air Force (IAF) will now have to sign a declaration that they will not save or view any official document on personal computers. Failure to adhere to this directive will lead to a court marshal and prosecution.
The recent directive from the IAF headquarters to all its formations across the country comes after repeated leaks of sensitive documents - some of which are of operational and sensitive in nature - from personal computers of officers and men.
In a recent case, operational documents were found on the personal computer of a young pilot posted at an airbase in Tamil Nadu. A court of inquiry has been initiated.
In another incident this July, it was found that classified data regarding Indian Naval operations were transmitted to IP addresses in China. Later, inquiries revealed that a few naval officers had, against the rules, taken copies of the plans in pen drives from a naval computer, to study. The Chinese-made pen drives allegedly had malwares which transmitted the data back to IP addresses in China once they were used on computers connected to the internet.
Earlier last year, a major with the Indian Army posted in the crucial Andaman and Nicobar Command was investigated by the Intelligence Bureau (IB) and the National Investigative Agency (NIA) when classified Army plans and other sensitive operational data stored in his personal computer reached Pakistan's Inter-Services Intelligence Agency (ISI). The inquiry revealed that the Major was preparing for a course, and had taken copies of presentations and plans in his personal computer, which was subsequently hacked by malware originating from Pakistan.
In almost every case of cyber leak, subsequent inquiries have revealed that officers wanting to study the documents at leisure copied the data from the official systems into their personal computers, and the data later found its way into the cyberspace.
Over the years, cyberspace has emerged as a critical frontier for espionage as the use of computers and dependence on the internet has grown. Thus, document security has emerged as one of critical areas of concern for the government. It is perhaps alluding to these increasing instances of the cyberspace being used by foreign agencies to collect critical information. Prime Minister Manmohan Singh, while addressing top cops of the country at the annual security conference hosted by the Intelligence Bureau earlier this month, said, "Our country's vulnerability to cybercrime is escalating... Large-scale computer attacks on our critical infrastructure and economy can have potentially devastating results. The government is working on a robust cyber security structure."
The Indian armed forces are considering a joint cyber command to deal with document security and hackers, many of whom are funded and used by foreign governments searching for sensitive and strategic information. The Indian Navy has come up with an exclusive Information Technology brigade to be deployed on warships and various sensitive establishments on shore to manage and secure the network and data.
As a general rule, computers in which sensitive information are stored or prepared are never connected to the internet. "The IAF internal communication network, for instance, is not only a stand-alone network with no connection to the net, but also has the system configured in such a way that it doesn't allow external storage devices like pen drives or CDs," a senior MoD official told NDTV. Nonetheless, some officers have been found "keeping copies or preparing documents using critical information in their personal computers, which have subsequently passed out by malwares in the system or hacked," the officer added.
Posted in: Hacking and Cyber News
5 Visitor Reactions & Comments:
It is really sad to say but when there is a need to secure the systems and when the Indian Army, IAF and Indian Navy have to choose a best security product (anti-viruses, Internet Security suit, Firewalls, IPS, UTM etc) they do not select it based on the security features!! While the purchase is made its an open tender and whoever quotes less gets the tender and ultimately the security is compromised. The Officials fail to understand that if there is a security organization and they charges a little more for their security product, then it is simply because they have invested so much on their research on different threats, where as others who charge less have not done their research part enough and thats why they lack in their capability to secure us from all the threats seen day-to-day. Its a pity to say, the Govt just makes statement to upgrade their infrastructure but when the time comes they ask - "DO WE REALLY NEED TO SPEND ON THIS ?"
Well... in that case, it is also not correct that the costly one is the best security product. The main reason behind any hack activity is how much victim is aware about security and what all measures he has taken.
I agree to it. The end user needs to be educated with the real world technique and they have to be aware about the different methods and techniques used to hack them.
Awesome links... thanks a lot....... I liked UTM comparison a lot :)
It was updated almost an year back. Ill find time to update the list with more device and more info very soon and update you.
Post a Comment
For Guest Posts or your valuable suggestions... drop email on "[email protected]"