In Asia, the largest number of penetrations for
defacements since 1995 has been from South Korea (142), followed
by Japan (63), China (59), Malaysia (46), India (37), Singapore
(20) and Pakistan (17). The much smaller number in Pakistan as
compared to India does not necessarily mean that IS security there
is better than in India. It is more due to the fact of a much
larger spread of networks in India. The more the networks, the
greater the possibility of penetration.
Pakistan lags far behind India in Information Technology (IT), but Gen. Pervez Musharraf, its self-styled Chief Executive, has embarked on an ambitious programme for catching up with India. Budgetary allocations have been increased considerably to promote computer education and research and to persuade Pakistani IT experts in the West to help Pakistan in this regard.
However, there is one domain in which Pakistan seems to have taken a lead over India-- in mobilising the resources of overseas Pakistani and other Islamic IT experts and hackers in its electronic Psychological Warfare (Psywar) against India and in raising a dedicated corps of hackers, who could be used to identify weak points in the IS of Indian establishments and use them appropriately.
The potential of the World Wide Web (WWW) for Psywar purposes was realised by the Inter-Services Intelligence (ISI) long before the Indian intelligence did.
There are about 150 jehadi websites on the WWW today. They provide the following services:
* Dissemination of information regarding jehad in different countries.
* Instructions on how to become a Mujahideen, how to prepare improvised explosive devices etc.
* Database on where one could purchase arms and ammunition and their prices.
* A bibliography of 266 articles on urban guerilla warfare and low-intensity conflicts.
* Anti-State propaganda.
About one-third of these web sites relate to the so-called jehad in Kashmir and are run by organisations such as the JKLF, the Harkat-ul-Mujahideen, the Lashkar-e-Toiba etc.
Groups such as Attrition periodically publish a list of the 10 most active hacker groups of the world. Two groups of Pakistani hackers, calling themselves "GforcePakistan" and "Pakistanhc" figure in this list. The first one is estimated to have caused 110 defacements all over the world since 1995 and the second 99 defacements. Their targets include not only India, but also the US to protest against the US attitude on Kashmir.
A third group calling itself the Muslim Online Syndicate (MOS) surfaced in March last, with an unverified claim of having defaced almost 600 Web sites in India and taken control of several Indian government and private computer systems, in protest against alleged Indian atrocities in Kashmir.
Mr.D. Ian Hopper, the CNN's Interactive Technology Editor, reported as follows: "Unlike the majority of Web vandals, the MOS members say they secretly take control of a server, then deface the site only when they "have no more use" for the data or the server itself."
He quoted one of the members of the group as saying as follows: "The servers we control range from harmless mail and Web services to 'heavy-duty" government servers. The data is only being archived for later use if deemed necessary."
It was suspected that the MOS managed to have access to Indian Websites and IS through Alabanza, a Pakistani-controlled American Internet Service Provider, which had reportedly a collaboration agreement with a well-known Indian dot.com company, without the latter being aware of its Pakistani connection.
There are many other Pakistani and Islamic hacker groups which have been active, with some of them giving online tutorials on how to use malicious software and hack and even providing malicious software, which can be downloaded and sent to someone whose computer one wants to damage.
These groups describe the growing number of hackers in the Pakistani Diaspora abroad as "Pakistan's greatest natural resource". The fact that they are able to indulge in such blatantly illegal activities online despite stringent Western laws against cyber crime and vandalism should be a matter of concern to Indian national security managers.
Cyber Space Security Management has already become an important component of National Security Management, Military-related Scientific Security Management and Intelligence Management all over the world. Future intrusions threatening our national security may not necessarily come from across the land frontier, or in air space or across maritime waters only, but could also come in cyber space. Intelligence operations and covert actions will be increasingly cyber based. It is important that our intelligence agencies gear themselves up to this possibility from now onwards.
It is, therefore, advisable to put in place a National Cyber Space Security Management policy to define the tasks that need attention, specify the responsibilities of the individual agencies and provide for an integrated approach and architecture.