Don’t raise your expectations so quickly my friends, it is just the beginning. There are and will be lot of bureaucratic challenges, lots of babus/netas on the way, sooner or later it has to happen. Either system will drive this or will get driven, there won’t be any alternative left. But yes, indeed things take huge time in govt. and so will this particular one.
This issue is now at diplomatic level, read this one: http://www.timesonline.co.uk/tol/news/world/asia/article6991789.ece India’s NSA and China’s Foreign Ministry Spokesperson comments over this cyber espionage. From: [email protected] [mailto:[email protected]] On Behalf Of Muslim Koser Sent: 18 January 2010 17:16 To: [email protected] Cc: [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Chinese Hackers Target PMO Computers(Breaking News) Correct, I know most of the people from the team which Dhruv is talking about, they are really good and led by a dynamic leader and I have seen the way they function selflessly. But as you correctly pointed out, these people alone can only do things to a certain point, and to have control over the internet which china has, it will take large number such teams to provide tech support and Babus and netas have to understand this as real problem. Normally cyber related activity is down below the list they tend to focus more on other attention hogging live issues. In India people just try to comply to minimum regulation requirements just to show documentary evidence of compliance, actual on ground story is totally different – This attitude has to change From: [email protected] [mailto:[email protected]] Sent: 18 January 2010 16:58 To: Muslim Koser; [email protected] Cc: [email protected]; [email protected] Subject: RE: [Owasp-delhi] Chinese Hackers Target PMO Computers(BreakingNews) Agreed fully Muslim. On top of that the corrupt bureaucrats is another layer that we have to fight... Going by what Dhruv Soi says about the patriotic people within the departments, what about the ministerial babus, who have just joined the election fray to make money? Even if we can get all the security layers secured reasonably well, we still have the corruption angle to be addressed...and who knows when that will be addressed? Thanks & Regards, Venkatesh Jagannathan (Venki) | Digital Security Practice |Ë: +91-91766 VENKI | +: 443037 |É: +91-44-47403000 x:443037 | ý: <blocked::http://www.cognizant.com/> http://www.cognizant.com |€: <blocked::http://www.linkedin.com/in/heyvenki> http://www.linkedin.com/in/heyvenki P Avoid plastics. Use recycled paper bags. Save Trees. Avoid Printing. +----------------------------------------------------------------------------+ | Thinking is the Capital, Enterprise is the way, Hard Work is the solution. | | Avul Pakir Jainulabdeen Abdul Kalam - Ignited Minds. | +----------------------------------------------------------------------------+ From: [email protected] [mailto:[email protected]] On Behalf Of Muslim Koser Sent: Monday, January 18, 2010 9:43 AM To: Sanjay K Cc: [email protected]; [email protected] Subject: Re: [Owasp-delhi] Chinese Hackers Target PMO Computers(BreakingNews) Hi Sanjay, I don’t think ISP’s in India can take lead on this, Chinese are successful in doing this because of strong will of Govt. In handling these issues. In India where most of the things are at the hands of Private players its becomes very difficult to implement these solutions. Especially because if the <http://en.wikipedia.org/wiki/Bureaucratic_collectivism> Bureaucratic process in the govt. People will only look for ways out even if such ordinance in passed by government and it will take years to implement them and that will also be non-effective implementation. I anyone can take lead on this, it has to be government who will have to take care of things from start to end, just passing an order and making mandatory for ISPs to have these solutions will help. Muslim From: Sanjay K [mailto:[email protected]] Sent: 17 January 2010 19:28 To: [email protected]; Muslim Koser; Ritesh Agrawal; [email protected]; [email protected] Subject: RE: [Owasp-delhi] Chinese Hackers Target PMO Computers (BreakingNews) Hi Dhruv, thnk for the update. I am amazed and it is a learning on how the Chinese have a very strong "content filtering firewall" and much less vulnerable than anyone else. Not sure if this is the right fora, but the key proactive and predictive strategy would come with ISP's in India taking a lead and actively involved in a larger security policy framework, cert-in can be mostly a facilitator. _____ From: Soi, Dhruv [mailto:[email protected]] Sent: Saturday, January 16, 2010 5:24 PM To: Sanjay K; [email protected]; 'Ritesh Agrawal'; [email protected]; [email protected] Subject: RE: [Owasp-delhi] Chinese Hackers Target PMO Computers (BreakingNews) Hi Sanjay and Muslim, As we know, Russians are more known for cyber mafia infrastructure and RBN economics which was used just as a gateway here and I clarified this in my last email as well. Media is doing their best job in trying to cook more over it to make it appear that their channel has got the accurate news and others don’t. Below are some more links to press coverage: http://www.youtube.com/watch?v=WA24fpap31M http://www.viddler.com/explore/antipreneur/videos/1/ http://timesofindia.indiatimes.com/india/Russian-mafia-may-be-behind-PMO-cyber-attack/articleshow/5450430.cms http://www.dailytimes.com.pk/default.asp?page=2010\01\16\story_16-1-2010_pg7_25 <http://www.hindustantimes.com/No-breach-in-computer-security-system-PMO/H1-Article1-497598.aspx> http://www.hindustantimes.com/No-breach-in-computer-security-system-PMO/H1-Article1-497598.aspx The only thing investigators found later, this attack was not limited to just 32 officials as has been highlighted in almost every news channel or newspaper so far. Rather, the attack was carried out against not 100 or 200 but more than 450+ key govt. officials. Upcoming news reports might have this update. I agree to your point Sanjay and I would say if we don’t build up a mutli-pronged cyber security policy in the interest of national security today, it would be too late. This particular attack raised the eyebrows of many govt. officials and is directly being briefed to NSA, so all officials involved are equally concerned. Attack used a 0-day vulnerability and an already compromised account which could have been carried out against any individual or country undetected through security devices/antivirus software. The best thing which I appreciate and congratulated the investigators that this time we were better equipped to handle the situation. Better means, better than even what US cyber security teams might have done. Many Thanks, Dhruv From: [email protected] [mailto:[email protected]] On Behalf Of Sanjay K Sent: 16 January 2010 10:52 To: Ritesh Agrawal; [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Chinese Hackers Target PMO Computers (BreakingNews) Dhruv, Since you are in touch with the investigators, how much truth is behind the Russian hackers. Also believe you can play a role for a more proactive and predictive cert-in involvement, India online industry is in nascent stage and these are early signs for a requirement of more collective and co-ordinated effort. -kharb _____ From: [email protected] [mailto:[email protected]] On Behalf Of Ritesh Agrawal Sent: Friday, January 15, 2010 11:47 PM To: [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Chinese Hackers Target PMO Computers (BreakingNews) Why can we not build our own army to counter attack or we are only here to make money in $ and proud ourself to work in reputed MNCs. --- On Fri, 15/1/10, Soi, Dhruv <[email protected]> wrote: From: Soi, Dhruv <[email protected]> Subject: Re: [Owasp-delhi] Chinese Hackers Target PMO Computers (Breaking News) To: [email protected], [email protected] Date: Friday, 15 January, 2010, 8:34 PM As stated in the news clipping as well, key govt. functionaries like Deputy NSA, Climate Change Envoy were compromised so it was a real serious attack. But damage containment started in just a few minutes after the incident. I know the patriotic zeal of these people and we should be proud of them. From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 15 January 2010 17:02 To: [email protected]; [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: [Owasp-delhi] Google may wrap up business from China What was the severity of the data compromised? Were anyting substantial lost? Thanks & Regards, Venkatesh Jagannathan (Venki) | Digital Security Practice |Ë: +91-91766 VENKI | +: 443037 |É: +91-44-47403000 x:443037 | ý: http://www.cognizant.com |€: http://www.linkedin.com/in/heyvenki P Avoid plastics. Use recycled paper bags. Save Trees. Avoid Printing. +----------------------------------------------------------------------------+ | Thinking is the Capital, Enterprise is the way, Hard Work is the solution. | | Avul Pakir Jainulabdeen Abdul Kalam - Ignited Minds. | +----------------------------------------------------------------------------+ From: Soi, Dhruv [mailto:[email protected]] Sent: 15 January 2010 20:16 To: '[email protected]'; '[email protected]' Subject: Chinese Hackers Target PMO Computers (Breaking News) This incident is quite significant to start a new thread so that people who might not have noticed in earlier post can also know and comment. I am indirectly in touch with the investigators who are behind this commendable job. They were part of the OWASP conference and most likely known to participants who were there. This is the first time that govt. of India had the will, candour and the tenacity to respond to such a situation. <http://www.metacafe.com/watch/4025565/chinese_hackers_target_pmo_computers_headlines_today/> http://www.metacafe.com/watch/4025565/chinese_hackers_target_pmo_computers_headlines_today/ <http://indiatoday.intoday.in/site/Story/79215/Headlines%20Today%20Top%20Stories/Chinese+hackers+target+PMO+computers+.html> http://indiatoday.intoday.in/site/Story/79215/Headlines%20Today%20Top%20Stories/Chinese+hackers+target+PMO+computers+.html -----Inline Attachment Follows----- _______________________________________________ Owasp-delhi mailing list [email protected] <https://lists.owasp.org/mailman/listinfo/owasp-delhi> https://lists.owasp.org/mailman/listinfo/owasp-delhi _____ The INTERNET now has a personality. YOURS! <http://in.rd.yahoo.com/tagline_yyi_1/*http:/in.yahoo.com/> See your Yahoo! Homepage. This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful.
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
