New Delhi, India — India’s profile and wealth have risen enormously in the world due to the constructive

use of information technology. At the same time, India ranks fifth in the world for cyber crime, according
to a report last year by the U.S.-based Internet Crime Complaint Center, a partnership between the Federal
Bureau of Investigation and the National White Collar Crime Center.

In fact, the report said that as India became home to the fourth highest number of Internet users in the
world, cyber crime has been rising at more than 50 percent per year. A striking example of such crime was
the attack on computers in the Indian prime minister's office by Chinese hackers last December.

Investigators are still coming to terms with the extent of damage caused by that attack, as the hackers had
targeted the cream of India's national security setup: National Security Advisor M.K. Narayanan, Cabinet
Secretary K.M. Chandrasekhar, the prime minister’s special envoy Shyam Saran and deputy National
Security Advisor Shekhar Dutt. In addition, 26 others were also squarely in the crosshairs of the hacking
attempt.

The timing of the espionage attempt led investigators to suspect the Chinese hackers of desperately trying
to access any available data on India's position at the Copenhagen Climate Summit being held at the time. It
may be noted that until Indian Prime Minister Manmohan Singh arrived in Copenhagen on Dec. 17,
Environment Minister Jairam Ramesh and Saran were singing different tunes.

But what has disturbed investigators most is that the Chinese hackers possibly had inside help. The
possibility of a mole within the Indian establishment helping a foreign adversary is staring investigators in
the face.

In March 2009, a China-based cyber spy network hacked into government and private systems in 103
countries, including many Indian embassies and the headquarters of the Dalai Lama. In May 2008, hackers
from China attacked the website of India’s Ministry of External Affairs. Despite official denials, at least
one website reported that hackers had stolen the identities and passwords of several Indian diplomats.

In the past three years, over 9,000 Indian websites have been at the mercy of an anti-India community.
Hackers based beyond India’s borders have become a threat for the government.

Cyber attacks from across the border are not new to India. This happened for the first time when India was
conducting nuclear tests at Pokhran in 1998 and hackers based in Pakistan attacked the websites of Zee
News and India Today. GForce Pakistan and Pakistani Hackerz Club took responsibility for the intrusions
and left behind threatening messages demanding that the nuclear tests be stopped.

After the terror attacks on the Indian Parliament in December 2001 and a massive troop standoff between
India and Pakistan several hacking incidents were reported.

Pakistani hackers also targeted the Indian website www.armyinkashmir.com, which was providing factual
information about daily events in the Kashmir Valley in 1999. Hackers posted photographs showing Indian
security forces allegedly killing Kashmiri people and blamed the Indian government for “atrocities” there.
Obviously, this had the intended impact in the valley.
In December 2008, the Indian Eastern Railways portal was hacked by Whackerz-Pakistan. The official
website www.easternrailway.gov.in bore a strange look. When opened, the top scroll on the site, which
normally consists of official announcements, had unusual notes. The first note read: “Cyber war has been
declared on Indian cyberspace by Whackerz-Pakistan (24 Dec-2008).”

The scene became grimmer after the terror attacks on Mumbai on Nov. 26, 2008. The Pakistan Cyber Army
hacked into the websites of the Indian Institute of Remote Sensing, the Center for Transportation Research
and Management, the Kendriya Vidyalaya of Ratlam – a chain of schools run by the Indian Army – and the
Oil and Natural Gas Corporation of India. The damage took a long time to repair.

Even at the individual level cyber attacks are on the rise in India. According to the New Delhi police, in
2009 email hacking and cheating cases went up by 150 percent. It is said that Nigerian gangs are very
active in India, particularly during festive seasons when massive purchases are transacted online, thanks to
the system of credit cards and online bank accounts.

In India cyber crime comes under both the traditional Indian penal code and the Information Technology
Act, 2000, which was amended in 2008. And here lies the confusion. Since policing is a matter of the state,
and complaints have to be lodged with the local police, it all depends under which law the police register a
case; it so happens that for the most part they prefer the age-hold penal code.

Local police are not conversant with the intricacies of the nationally legislated IT Act. But once a case is
filed under the penal code, the method of investigation must follow certain guidelines that make it
extremely difficult to prove most cyber crimes, experts say.

Even under the IT Act, investigations in India are not easy. This is mainly due to the lack of what is called
“cyber forensics.” We know that forensic evidence is important in normal criminal investigations. But the
collection and presentation of electronic evidence to prove cyber crimes have posed a challenge to
investigation and prosecution agencies and the judiciary.

Cyber-related techno-legal acumen and knowledge are not well developed in India. These require a sound
working and practical knowledge of information technology as well as relevant legal knowledge. Cyber
laws, international telecommunications laws, cyber forensics, digital evidencing and cyber security pose
difficult and sometimes hard to understand legal challenges to the courts. This explains why there are
almost no convictions of cyber criminals in India. Judges in India must fill in this legal gap.

To sum up, India needs a good combination of laws and technology, in harmony with the laws of other
countries and keeping in mind common security standards. In the era of e-governance and e-commerce, a
lack of common security standards can create havoc for global trade as well as military matters.

Information technology is a double-edged sword that can be used for destructive as well as constructive
work. It has now created a fifth dimension in addition to land, sea, air and space, though unlike the other
four dimensions, it is completely made and controlled by humans.

--
(Prakash Nanda is a journalist and editorial consultant for Indian Defense Review. He is also the author of
“Rediscovering Asia: Evolution of India’s Look-East Policy.” He may be contacted at
Prakash.nanda@hotmail.com. ©Copyright Prakash Nunda.)
Indian Embassy's website hacked by Chinese hackers Moscow, Apr 18 (PTI)
The website of the Indian Embassy here has been attacked twice by Chinese hackers,
prompting the mission to boost its cyber security.
Reliable sources in the Indian Embassy said at least two cyber attacks were traced to
Chinese servers, but denied leakage of any confidential information, which is processed
by "standalone" computers.

The embassy's Local Area Network (LAN) also has no direct internet access and the
firewall has been fortified, they said, adding the only hacking victim was the official
website, maintained by the information wing.

The website allows for online filling of visa and passport applications.
"The indianembassy.ru website in the public domain was affected to some extent that e-
mail IDs of the senior officials were cloned in the .com or gmail domains to spread the
malware," the sources said.

"For example for the legitimate 'infowing@ indianembassy.ru', IDs like

'infowing@indianembassy. com' and 'infowing@gmail.com' were used to spread spam
with malware," the sources said.

In a recent incident, the 'Daily Media Digest' issued by the Information Wing in the
evening was received by its recipients, including Moscow-based Indian journalists, early
morning and instead of word document, it had RAR archive arrangement.
The prompt warning circulated by the embassy not to open the attachment saved many
computers from the fresh lot of malware.

The incident assumes significance in the wake of a report about alleged Chinese cyber
espionage which has infected scores of Indian government and defence related sites.
US and Canada based Information Warfare Monitor and Shadowservers Foundation in
their report 'Shadows in the Cloud' had traced China's Chengdu based servers of ex-
filtering sensitive information from the Indian computers, including Indian diplomatic
missions in Moscow, London and Washington.

Commenting on the report, Russian media had raised concerns about sensitive and secret
information about Moscow and New Delhi's defence cooperation falling into the Chinese
hands.

Kommersant daily had said even in the cyber age the Russian missions use well tried
method of using old typewriters and a sheet of paper to guard their secret information