\"\"By Indrani Bagchi & Sanjay Dutta
\n
\nNEW DELHI: Cyber attacks against Indian websites have increased exponentially in 2013, despite the government supposedly building a credible cyber defence system.
\n
According to confidential reports by CERT-In<\/a> (Indian Computer Emergency Response Team), 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June and 1,808 in May. An overwhelming percentage of these attacks occurred in the .in domain, whose servers are in India – 80% in June and over 60% thereafter. The .in domain appears particularly vulnerable to attacks. Of the 2,380 Indian websites that were defaced in July, 1,511 were on .in domain and in June the number stood at 2,296 sites.
\n
\nThe top defacers India is battling are SA3D HaCk3D, h4x0r HuSsY, SanFour2S, BD GREY HAT HACKERS, Suwario, SpyDy, hasnain haxor and CouCouM, among others. The attacks cover both public and private sector entities, thought the former are more vulnerable, and more dangerous for national security, because these also cover India’s critical infrastructure.
\n
\nThese hackers’ modus operandi include stealing passwords or “sniffing”, injecting codes that attack data driven applications, active eavesdropping, called “man in the middle attacks”, web shell uploading etc. Essentially, all these techniques are used to scoop up information and then control the activities of the site. In commercial sites, the danger is in the area of industrial espionage. In critical infrastructure, these attacks can have huge national security consequences.
\n
In May 2013, the Cabinet cleared an ambitious cyber security architecture. But sources said there was negligible progress, even as attacks on India’s critical infrastructure increased in complexity. The
National Security Council Secretariat<\/a> (NSCS) under deputy NSA<\/a> (national security advisor) Nehchal Sandhu was supposed to create three centres of excellence on encryption and public policy. But despite logging numerous meetings on the issue, sources said there was little progress.
\n
\nThe NSCS was supposed to do other things as well -- create a testing infrastructure, build a threat intelligence system, invest in research and development on cyber security and build a cadre of cyber security professionals -- India has under 600 such as compared to 1.25 lakh in China and almost 1 lakh in the US.
\n
\nThe government cleared the post of a cyber-coordinator whose job it would be to integrate all the different strands of cyber defence policy. That has not been announced because top bureaucrats are believed to be in a silent internecine battle. Sandhu was himself a top intelligence operative before becoming deputy NSA.
\n
India’s new architecture, unveiled by NSA
Shivshankar Menon<\/a>, sounds grand. It envisages interconnected set of organizations in key departments such as NTRO, defence and home ministries, while CERT-In remains the umbrella body to oversee cyber protection.
\n
\nA key aspect of the architecture is that the government will work with ISPs (independent service providers) to oversee metadata of Indian users but not mine the data. Menon had flagged a set of recommendations for government-private sector collaboration on cyber security last October and that forms the basis of the new architecture.
\n
\nThe government is also keen that Indian companies develop indigenous security software because they feel foreign-origin software is compromised. But Indian companies have still not been able to master the kind of code-writing expertise that is seen in the US and Russian cyber entities.\n\n<\/body>","next_sibling":[{"msid":25748464,"title":"Shaygan Kheradpir becomes Juniper\u2019s new CEO","entity_type":"ARTICLE","link":"\/news\/shaygan-kheradpir-becomes-junipers-new-ceo\/25748464","category_name":null,"category_name_seo":false}],"related_content":[],"msid":25986621,"entity_type":"ARTICLE","title":"Spurt in attacks on Indian websites","synopsis":"According to confidential reports, 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June and 1,808 in May.","titleseo":"spurt-in-attacks-on-indian-websites","status":"ACTIVE","authors":[{"author_name":"Indrani Bagchi","author_link":"\/author\/3983\/indrani-bagchi","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/3983.cms?width=100&height=100&hid=268","author_additional":{"thumbsize":true,"msid":3983,"author_name":"Indrani Bagchi","author_seo_name":"Indrani-Bagchi","designation":"Senior Editor","agency":false}},{"author_name":"Sanjay Dutta","author_link":"\/author\/6912\/sanjay-dutta","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/6912.cms?width=100&height=100&hid=268","author_additional":{"thumbsize":true,"msid":6912,"author_name":"Sanjay Dutta","author_seo_name":"Sanjay-Dutta","designation":"Assistant Editor","agency":false}}],"Alttitle":{"minfo":""},"artag":"TNN","artdate":"2013-11-18 02:26:25","lastupd":"2013-11-18 15:13:01","breadcrumbTags":["National Security Council","National Security Council Secretariat","Enterprise IT","NSA","NSCI","Cybersecurity","CERT-In","Shivshankar Menon"],"secinfo":{"seolocation":"spurt-in-attacks-on-indian-websites"}}" data-authors="[" indrani bagchi","sanjay dutta"]" data-category-name="" data-category_id="" data-date="2013-11-18" data-index="article_1">

    冲刺攻击印度的网站

    根据机密报告,4191年8月印度网站被损坏或侵入,2380年7月,2858年6月和1808年5月。

    巴格奇Indrani 桑贾伊·杜塔
    • 2013年11月18日更新是03:13点
    巴格奇Indrani &桑杰杜塔

    印度新德里:网络攻击网站增加了指数在2013年,尽管政府应该建立一个可信的网络防御系统。

    根据机密报告(印度计算机紧急响应小组),4191年8月印度网站被损坏或侵入,2380年7月,2858年6月和1808年5月。压倒性的比例。这些袭击发生的领域,他的服务器在印度6月- 80%和超过60%之后。在域似乎特别容易受到攻击。2380年7月印度网站,被损毁,1511年6月在域,站在2296网站。

    顶部defacers印度正在SA3D HaCk3D, h4x0r轻佻,SanFour2S, BD灰帽黑客,Suwario, SpyDy,哈斯南haxor CouCouM,等等。攻击包括公共和私营部门的实体,认为前者更脆弱,更危险的国家安全,因为这些也覆盖印度的关键基础设施。

    这些黑客的做法包括盗取密码或“嗅探”,注入攻击数据驱动的应用程序代码,活跃的窃听,称为“中间人攻击”,web壳上传等。从本质上讲,所有这些技术被用来收集信息,然后控制网站的活动。在商业网站,危险是在该地区的工业间谍活动。在关键基础设施,这些攻击可以有巨大的国家安全后果。

    2013年5月,内阁清除一个雄心勃勃的网络安全体系结构。但消息人士称,是微不足道的进步,即使攻击印度的关键基础设施增加了复杂性。的国家安全委员会秘书处(nsc)的副手国家安全局(国家安全顾问)Nehchal Sandhu应该创建三个中心卓越的加密和公共政策。尽管日志众多会议在这个问题上,消息人士称几乎没有进展。

    nsc应该做其他的事情——创建一个测试基础设施,构建一个威胁情报系统,投资于研究和开发网络安全,建立一个网络安全专家的干部相比,印度在600等1.25多数在中国和将近十万的在美国。

    政府扫清了职务cyber-coordinator的工作将是整合所有不同的赛博防御政策。尚未公布,因为高级官员被认为是在一个寂静的两败俱伤的战争。Sandhu自己是一位高级情报人员在成为副国家安全顾问。

    印度的新架构,由国家安全局公布Shivshankar Menon,声音大。它设想相互关联的组组织NTRO等关键部门,国防和家庭部门,而、仍然是机构监督网络的保护。

    体系结构的一个关键方面是政府将与isp(独立服务提供商)监督印度用户的元数据,但不是我的数据。梅农有标记的一组建议government-private去年10月部门网络安全的合作,形成新的体系结构的基础。

    政府还希望,印度企业发展本土安全软件,因为他们觉得外国血统软件被破坏。但是印度公司仍然无法掌握的编码技术在美国和俄罗斯的网络实体。
    • 发布于2013年11月18日上午02:26坚持
    是第一个发表评论。
    现在评论

    加入2 m +行业专业人士的社区

    订阅我们的通讯最新见解与分析。乐动扑克

    下载ETTelec乐动娱乐招聘om应用

    • 得到实时更新
    • 保存您最喜爱的文章
    扫描下载应用程序
    \"\"By Indrani Bagchi & Sanjay Dutta
    \n
    \nNEW DELHI: Cyber attacks against Indian websites have increased exponentially in 2013, despite the government supposedly building a credible cyber defence system.
    \n
    According to confidential reports by CERT-In<\/a> (Indian Computer Emergency Response Team), 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June and 1,808 in May. An overwhelming percentage of these attacks occurred in the .in domain, whose servers are in India – 80% in June and over 60% thereafter. The .in domain appears particularly vulnerable to attacks. Of the 2,380 Indian websites that were defaced in July, 1,511 were on .in domain and in June the number stood at 2,296 sites.
    \n
    \nThe top defacers India is battling are SA3D HaCk3D, h4x0r HuSsY, SanFour2S, BD GREY HAT HACKERS, Suwario, SpyDy, hasnain haxor and CouCouM, among others. The attacks cover both public and private sector entities, thought the former are more vulnerable, and more dangerous for national security, because these also cover India’s critical infrastructure.
    \n
    \nThese hackers’ modus operandi include stealing passwords or “sniffing”, injecting codes that attack data driven applications, active eavesdropping, called “man in the middle attacks”, web shell uploading etc. Essentially, all these techniques are used to scoop up information and then control the activities of the site. In commercial sites, the danger is in the area of industrial espionage. In critical infrastructure, these attacks can have huge national security consequences.
    \n
    In May 2013, the Cabinet cleared an ambitious cyber security architecture. But sources said there was negligible progress, even as attacks on India’s critical infrastructure increased in complexity. The
    National Security Council Secretariat<\/a> (NSCS) under deputy NSA<\/a> (national security advisor) Nehchal Sandhu was supposed to create three centres of excellence on encryption and public policy. But despite logging numerous meetings on the issue, sources said there was little progress.
    \n
    \nThe NSCS was supposed to do other things as well -- create a testing infrastructure, build a threat intelligence system, invest in research and development on cyber security and build a cadre of cyber security professionals -- India has under 600 such as compared to 1.25 lakh in China and almost 1 lakh in the US.
    \n
    \nThe government cleared the post of a cyber-coordinator whose job it would be to integrate all the different strands of cyber defence policy. That has not been announced because top bureaucrats are believed to be in a silent internecine battle. Sandhu was himself a top intelligence operative before becoming deputy NSA.
    \n
    India’s new architecture, unveiled by NSA
    Shivshankar Menon<\/a>, sounds grand. It envisages interconnected set of organizations in key departments such as NTRO, defence and home ministries, while CERT-In remains the umbrella body to oversee cyber protection.
    \n
    \nA key aspect of the architecture is that the government will work with ISPs (independent service providers) to oversee metadata of Indian users but not mine the data. Menon had flagged a set of recommendations for government-private sector collaboration on cyber security last October and that forms the basis of the new architecture.
    \n
    \nThe government is also keen that Indian companies develop indigenous security software because they feel foreign-origin software is compromised. But Indian companies have still not been able to master the kind of code-writing expertise that is seen in the US and Russian cyber entities.\n\n<\/body>","next_sibling":[{"msid":25748464,"title":"Shaygan Kheradpir becomes Juniper\u2019s new CEO","entity_type":"ARTICLE","link":"\/news\/shaygan-kheradpir-becomes-junipers-new-ceo\/25748464","category_name":null,"category_name_seo":false}],"related_content":[],"msid":25986621,"entity_type":"ARTICLE","title":"Spurt in attacks on Indian websites","synopsis":"According to confidential reports, 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June and 1,808 in May.","titleseo":"spurt-in-attacks-on-indian-websites","status":"ACTIVE","authors":[{"author_name":"Indrani Bagchi","author_link":"\/author\/3983\/indrani-bagchi","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/3983.cms?width=100&height=100&hid=268","author_additional":{"thumbsize":true,"msid":3983,"author_name":"Indrani Bagchi","author_seo_name":"Indrani-Bagchi","designation":"Senior Editor","agency":false}},{"author_name":"Sanjay Dutta","author_link":"\/author\/6912\/sanjay-dutta","author_image":"https:\/\/etimg.etb2bimg.com\/authorthumb\/6912.cms?width=100&height=100&hid=268","author_additional":{"thumbsize":true,"msid":6912,"author_name":"Sanjay Dutta","author_seo_name":"Sanjay-Dutta","designation":"Assistant Editor","agency":false}}],"Alttitle":{"minfo":""},"artag":"TNN","artdate":"2013-11-18 02:26:25","lastupd":"2013-11-18 15:13:01","breadcrumbTags":["National Security Council","National Security Council Secretariat","Enterprise IT","NSA","NSCI","Cybersecurity","CERT-In","Shivshankar Menon"],"secinfo":{"seolocation":"spurt-in-attacks-on-indian-websites"}}" data-news_link="//www.iser-br.com/news/spurt-in-attacks-on-indian-websites/25986621">