Tuesday, November 22, 2011

TECHNOLOGY: HACKING Our Ether Warriors Govt hiring hackers to keep cyberware secure DEBARSHI DASGUPTA

ILLUSTRATION BY SORIT
TECHNOLOGY: HACKING
Our Ether Warriors
Govt hiring hackers to keep cyberware secure

A Digital Cadre...

  • The Union home ministry is supporting the launch of a database of hackers who protect India's online interests
  • India has repeatedly come under attack from hackers who have stolen classified data
  • 'Official' hackers will defend key areas such as banking, telecom, defence etc from cyber attacks
  • The database is to be launched at a conference on hacking to be held in Mumbai next week

***

Having suffered repeated attacks by hackers from across the globe, the Indian government has decided to turn to people who can fight them best—hackers themselves. The Union ministries of home affairs and information, communication & technology are backing a move by the Information Security and Analysis Centre (ISAC), a not-for-profit group based in Mumbai, to launch a pool of hackers who will be trained to protect India's critical infrastructure, including the banking, power and telecom and space research sectors, from cyber attacks. The National Security Database (NSD) will be launched next week at a hacking conference in Mumbai.

Alok Vijayant, director of the information dominance group at the National Technical Research Organisation, the nation's chief technical intelligence monitoring authority, says NSD should not be "trivialised" by describing it as just as a group of hackers. "Supported by the government and the industry, NSD is a good initiative, since it will provide a readymade database of the most credible security professionals. This is more so because information security is a domain where individuals have the skills and not companies and they tend to regularly move from one firm to another."

Hacking attacks targeting India have risen dramatically, especially in the last few years, and have gone beyond just defacing websites. Most of these attacks are thought to have originated from within China and Pakistan. In 2010, researchers from the Munk School of Global Affairs at the University of Toronto found out that a China-based computer spying ring had gained illegal access to Indian government computers and had ferreted out sensitive information related to defence, foreign affairs and the Dalai Lama. The same year a computer worm called Stuxnet, which infects Siemens industrial software and equipments, was reported from across India and suspected to have damaged ISRO's INSAT-4B satellite. And in July this year, a group of hackers released copies of sensitive correspondence between representatives of the Indian embassy in Moscow and a local military hardware manufacturer.

According to Dominic K., a cyber security expert and a core team member of ISAC, the database will provide an "ecosystem that encourages cyber security specifically focused on protecting India's interests. Wars in the future will not be fought with guns and bullets but with bits and bytes".

Interested hackers will be recruited into the NSD after appearing for an exam that will be held at regular intervals and will cost Rs 25,000 for every attempt. Training will be provided for free. Once selected to join NSD, they will be paid a monthly stipend. Some of the domains they can specialise in include fraud investigation, digital forensic analysis. The government will also, from time to time, specify areas where skills may be needed to be built. And given that they will be working for the government, these hackers, according to the promoters of NSD, will also be provided with a legal cover for their hacking activities.

While the government has engaged the services of hackers before, NSD is perhaps the first time it is going to depend on a readily available and structured database of hackers. Given that they will be handling sensitive information, ISAC director Rajshekhar Murthy says it is necessary to have people who are not only competent but also have a high degree of trustworthiness and integrity. "The selection process will involve examination of references, technical skills, criminal history, and even psychological assessment to generate a credit report for security clearance."

PRINT COMMENTS
TRANSLATE INTO:
Powered by Translate
 
DAILY MAIL
NOV 19, 2011 05:22 PM
1

 The idea appealed to me till I reached the line---

""Interested hackers will be recruited into the NSD after appearing for an exam that will be held at regular intervals"---

OK, let me interpret that one..... NSD being  a government initiative I am sure PSU will conduct the written test & interview? Now, now, since it is a PSU government test I suppose 18% reservation to SC, 8% to SC, 27% to OBC,  10% to Muslims, 2% to sports quota and 10% for other quotas??? Sure, like all other government naukris those who with a "recommendation letter" from local MP/MLAS will get preference. Ofcourse you will have to bribe from peun to the director to get the actual offer letter on hand!!!!

Anyone here think any self respecting hackers will go throug these humiliating sarkari process?? Ofcourse I could be wrong, infact I hope I am wrong- for our country's sake!!!

PRASANTH
MELBOURNE, AUSTRALIA
NOV 19, 2011 07:55 PM
2

Dear Readers,

This is Rajshekhar Murhty, Director of ISAC.

I just happened to read this article and would like to clarify few things in interest of the readers:

1. "Interested hackers will be recruited into the NSD after appearing for an exam" 

This is not precise. NSD is a non-profit initiative and recruitment of any kind is not based on quota or reservation - and is purely on merit, open to both the Industry and the Government solely on their requirement. Empanelment into NSD does not mean recruitment by the Government.

2. "Once selected to join NSD, they will be paid a monthly stipend."

This is not precise again - Only qualifying delegates selected for research by ISAC or as trainees by supporting organizations will be paid monthly stipend.

For example - QuickHeal Corporation among others has provided official support by extending on job trainings and direct final job interviews for students who successfully qualify in NSD Lab exams.

ISAC has funded indigenous Indian security research such as the recent malware utilizing Xbox Kinect and advanced malware for Apple products - both to be proudly showcased at our own International Malware Conferece, MalCon on 26/11 at JW Marriott, Mumbai. You can know more about the philosophy of Malcon from its website!

And Prashant - for the country's sake... I am glad that you are wrong :)

I hope you always give your kind blessings to this noble project.

Regards,

rajsm

RAJSHEKHAR MURTHY
MURTHY, INDIA
NOV 20, 2011 12:04 AM
3

Dear Dr Murthy,

Just went to check MalCon website, Here is an excerpt of the speakers:

 Peter Kleissner - Windows 8 Bootkit and Art of Bootkit development
*please note that the speaker's travel is not confirmed yet – as the VISA application is still pending for approval by authorities*

This is how Indians Govt treats scientists. Same for the French Mathemetician Demailly  who was denied Visa for the IISc Conference. Its a very sad day for India.

ANBANERJEE
NEWCASTLE, UNITED KINGDOM
NOV 20, 2011 12:10 AM
4

Loved that Prashath!

Rajshekhar Murthy, I am convinced that you indeed are a Sanghi (that is a special designation in Indian secular sphere. Love it or hate it, but you are a Sanghi).
You upper-cast Brahmin boy (oops I don't know if you are, but I don't care, You Are), hell bend to destroy the untouchable constitution written by one and only Dr Ambedkar.
How dare you!

SANTOSH GAIROLA
HSINCHU, TAIWAN
NOV 21, 2011 06:06 PM
5

 @Rajashekhar Murthy,

What kind of a place is Murthy, India? Can you give me the Google map location for it?

What kind of a director are you, who writes a comment post in response to an  Outlook article, and expect your credentials to be deemed authentic? Do you know how to set up a fake reader identity on Outlook magazine?

By the way,, my place is here. And my parents are Onions too, bwahaha.

TEARFUL ONION
JHUMRI TALAIYYA, INDIA
Post a Comment
You are not logged in, please log in or register

No comments: