India: Cyber Attacks Widespread

Wednesday, January 16, 2013 @ 12:01 PM gHale

By Richard Sale
Half the PCs of government websites in India have become increasingly defenseless to cyber attacks, while hostile computer intrusions in India’s social media have increased by 170 percent, thanks mainly to the growth of malware and their modifications on mobile devices, especially on the Android platform, U.S. officials said.

“There is no energy put into security,” said a former senior CIA official who consults for the agency. “Read the report. It’s extremely alarming.”

Cyber War Stakes Rising
DHS: Infrastructure Attacks on Rise
Grid Vulnerable to Attack
Agencies Join in Security Plan
Security Legislation a Must: NSA Chief
FERC Creates Cyber Security Division
Billions Lost in Cyber Attacks: NSA Head

The report is “The Quick Heal Annual Windows and Mobile Malware Report, 2012,” released last week by Quick Heal Technologies which said India’s “social engineering devices” still remain the most widespread and easiest ways of spreading malware.

Quick Heal Technologies, a major anti-virus solutions provider and a key player in stopping the spread of cyber criminals in India, identified the Google Android platform and mobile applications as the easiest way for hackers to compromise devices. Its report noted a sharp rise in Windows malware as well as virus attacks on mobile phones, especially Android-based smartphones, in 2012 compared to 2011. The report also said while the PC is still the prevalent target for malware authors, there is an obvious peak in the growth of malware and their modifications on mobile devices, especially on the Android platform.

The report also gave a brief history, stating virus attacks in the mobile space have started soaring at a rapid pace with 30 percent growth registered in 2012, and said cyber criminals are responsible for an 80 percent increase in its modifications of the Android platform. Cybercriminals use social engineering, toll fraud and other ways to convert infected devices into cash minting machines.

“There is indubitable evidence that cybercriminals continue to use social engineering devices because they are the easiest exploiting the vulnerabilities of human platforms,” the CIA consultant said. “These devices attract hackers. They act like magnets.”

The report said mobile applications have become the easiest way to compromise devices. Over 25 billion apps ended up downloaded from Google Play in 2012, which make applications easy and profitable attack vehicles.

While Windows continues to be the major operating system on computers it only makes sense attackers hit it the most.

Sanjay Katkar, technical director and CTO at Quick Heal Technologies, told the India Times, “Windows is still the most attacked operating system. 2012 saw numerous attacks that were devised for Windows vulnerabilities. Cybercriminals have leveraged zero-day exploits even more effectively with new software patterns and business models. The web is still the most conventional way of targeting victims,” he said.

Asked about the cyber security of India’s industry, the CIA consultant said, “India’s industry is very vulnerable. Little notice has been taken in many sectors of persistent cyber risks to industrial sites, and there is little movement to improve. The government hasn’t put effective systems in place.”

Even as the number of Internet users continues to rise and the government increasingly seeks to offer citizen-centric services through the Internet, data gathered by Indian officials show about half the government departments and ministries in India are vulnerable to data theft, hacking and cyber terrorism, according to Indian news reports.

Indian government officials said of 7,000 government websites, only 3,192 have undergone auditing for information technology (IT) security, while 3,556 others in the process of an audit. The host for most government sites is the National Informatics Centre (NIC). Before they end up hosted, these sites have to get a security certificate. The government has empanelled auditors to certify the security of such websites, yet most of the government websites do not have proper security checks in place, reports said.

In 2009, 201 websites of various ministries and government departments suffered a hack attack. This number rose to 303 in 2010, 308 in 2011 and 294 in 2012 (through October), according to data with Indian Computer Emergency Response Team (CERT-In), the cyber security arm of the government. To date, the defacement of Indian websites has almost tripled, compared to 2007.

According to government data, 774 government websites have suffered some form of an attack in the last five years. These attacks originated from Australia, Bahrain, Brazil, Egypt, Germany, Indonesia, Lebanon, Libya, Morocco, Pakistan, Saudi Arabia, Spain, Turkey, the UAE, the UK and the U.S.

The Indian government suffered big losses from the defacement and hacking of government websites. The Reserve Bank of India said between 2009 and 2011, 489 e-fraud cases ended up reported, and they led to a loss of about Rs 28.46 crore or several million U.S. dollars. Separately, the Central Bureau of Investigation’s economic offences unit registered nine financial fraud cases between 2009 and 2012 (February). These led to a loss of Rs 43.92 crore or over $9 million.

This is despite the huge sums the government spends to tighten security loopholes every year. In 2012-13, the Department of Electronics and Information Technology allocated Rs 45.2 crore, equal to hundreds of millions U.S. dollars, toward cyber security.
Regarding the spread of malware in social engineering, Quick Heal technology experts pointed out in news reports that people still prefer convenience over security, and that malware doesn’t attack the victims alone, but it targets almost everyone with a smartphone.

The report said most of the attacks ended up financially motivated and aimed at stealing money from the victims. Trojans and backdoors comprised the vast majority of malware at 68 percent and 13 percent, respectively, while virus and worms comprised 14 percent of the samples received and adware took up five per cent. The goal of most of the malware families is to steal money from the victim. Trojans and SMS Trojans comprised the vast majority of mobile malware attacking the mobile devices at 21 percent and 38 percent respectively.

New vulnerabilities assaulted Java browser plug-ins in all leading browsers. Socially engineered emails and poisoned web pages disguised in the form of fake anti-virus software that froze PCs asking for money to register and remove the virus threat, said the report. The CIA consultant said the malware resembles ransomware used by criminals in the United States that earned $5 million last year.

“It is pivotal that our efforts are driven to educate, inform and create awareness among the end users because as people embrace newer platforms and devices there are more and more who end up at the wrong end of attacks,” Katkar said.

The top Android malware circulating in the Indian Mobile device threat scenario include the following: Android.BoxerSms, Android.GingerMaster, Android. Kungfu, Android. Leadbolt(Adware), Android.Kmin, Android.BaseBridge, Android.GoldDream, Android.Ksapp and Android.Plankton(Adware).

The top Windows malware circulating in the Indian threat scenario are W32.Sality.U, W32.Virut.G, Trojan.Starter.yy4, 32.Autorun.Gen, TDSS/Alureon, W32.Ramnit.A, Worm.VB.HA, and 32.Xpaj.C.
Richard Sale was United Press International’s Intelligence Correspondent for 10 years and the Middle East Times, a publication of UPI. He is the author of Clinton’s Secret Wars and Traitors.

Leave a Reply

You must be logged in to post a comment.