Hack the hackers

[InfoSec News <isn () C4I ORG>]

http://www.hindustantimes.com/nonfram/191200/detOPI01.asp

[Interesting information warfare story until towards the bottom where
the writer starts using (What reads more like fiction) information
about the Hong Kong Blondes from Anthony LoBaido's stories about the
Blondes & their links to former British intel agents. -WK]


Ravi Visvesvaraya Prasad
Tuesday, December 19, 2000
New Delhi

Since the Pokhran blasts, Pakistani hackers have been regularly
attacking websites of Indian organisations. The homepages of the Prime
Ministers Office, the Bhabha Atomic Research Centre, the Ministry of
Information Technology and Videsh Sanchar Nigam were hacked into and
defaced with anti-India obscenities.

Pakistani hacker groups like Death to India, Kill India and G-Force
Pakistan openly circulate instructions for attacking Indian computers.
The websites http://www.f**kindia.org, run by Nicholas Culshaw of
Karachi, and http://www.f**kindia.com, run by Arshad Qureshi of Long
Beach, California, contain malicious anti-Indian propaganda along with
step-by-step instructions for hacking into thousands of Indian
websites.

Surprisingly, the Indian Government has not attempted to disable these
websites. The Ministry of Information Technology has not even demanded
an explanation from the Internet Corporation for Assigned Names and
Numbers (ICANN) as to how domain names like http://www.f**kindia.org
and http://www.f**kindia.com could be registered at all.

Indian defence and intelligence officials dismissed these activities
as the handiwork of Pakistani adolescents who did not have the backing
of Pakistani military and intelligence forces. However, the former
additional secretary, Cabinet Secretariat, B. Raman, cautioned that
India should not underestimate the havoc that can be wrought even by
unorganised teenage hackers.

Indias security establishment has also ignored information warfare
capabilities possessed by Islamic militant organisations. Rand
Corporation recently warned that Osama bin Ladens Egyptian followers
can immediately cripple the information infrastructures of Russia and
India. Clark Staten, Executive Director, Emergency Response and
Research Institute, Chicago, warned that Ikhwan-al-Muslimoon, Jamaat
Islami, Hizb-ut-Tahrir, Khilafah, Izz al-Din Al-Kassam and Nidaul
Islam had developed offensive capabilities in information warfare.

More serious than Pakistan and Islamic militants is the threat posed
by China. According to Timothy Thomas of the US Armys Foreign Military
Studies Office in Fort Leavenworth, Kansas, Chinas leaders reckon that
it can achieve hegemony in Asia only by integrating information
warfare into its geopolitical strategies. Thomas stated that China is
quickly integrating the latest information warfare techniques into its
Peoples War concept. This development has been ignored by the West but
will have far-reaching strategic and operational implications.

In mid-1999, China established a special task force on information
warfare composed of senior politicians, military officers and
academics, headed by Xie Guang, Vice-Minister of the Commission of
Science, Technology and Industry for National Defence. This task force
has prepared detailed plans to cripple the civilian information
infrastructures of Taiwan, the United States, India, Japan and South
Korea. Two members, Qi Jianguo and Dai Qingmin, have formulated a
comprehensive scheme.

First, China will not attack military or political targets in these
countries but would target their financial, banking, electrical
supply, water, sewage and telecommunications networks. Second, Chinese
companies will establish business links with private companies in
these countries. After carrying on legitimate business for some time,
they would insert malicious computer codes and viruses over commercial
e-mail services.

Third, the viruses and malicious codes would be sent through computers
in universities in third countries so that they could not be traced
back to China. Fourth, the attacks would be launched when the
political leadership of the target countries is preoccupied with
election campaigns.

The Peoples Liberation Army (PLA) has conducted several field
exercises recently. An Informaticised Peoples Warfare Network
Simulation Exercise was conducted in Echeng district of Hubei
province. Five hundred soldiers simulated cyberattacks on the
telecommunications, electricity, finance and television sectors of
Taiwan, India, Japan and South Korea.

Ten functions were rehearsed in another exercise at Xian in Jinan
Military Region: planting information mines, conducting information
reconnaissance, changing network data, releasing information bombs,
dumping garbage, disseminating propaganda, applying information
deception, releasing clone information, organising info- defence and
establishing network spy stations.

In Datong, 40 PLA specialists are preparing methods of seizing control
of networks of commercial internet service providers in Taiwan, India,
Japan and South Korea. They held demonstrations for the Beijing Region
Military Comm!, Central Military Commission and General Staff
Directorate. In October, Chief of General Staff Fu Quanyou presided
over an exercise in Lanzhou and Shenyang Military Regions which
simulated electronic confrontation with countries south and west of
Gobi Desert. This focused on electronic reconnaissance,
counter-reconnaissance, electronic interference and
counter-interference.

It tested the battle readiness of PLAs command automation systems,
command operations, situation maps, audio and graphics processes and
controls, and data encryption systems. Smaller exercises were carried
out in July in the Chengdu Military Region and in August in the
Guangzhou Military Region.

The PLA has also enlisted support from universities. It established
the Communications Command Academy in Wuhan, capital of Hubei
province, in collaboration with Hubeis engineering universities. The
Navy Engineering College, headed by Shao Zijun, also in Wuhan, is
collaborating on secret projects on information warfare with the
Communications Command Academy.

The PLA established the Information Engineering University, headed by
Major General Zhou Rongting, in Zhengzhou, capital of Henan province.
It did this by taking over and combining Henans civilian Institute of
Information Engineering, Electronic Technology College and Survey and
Mapping College. This will specialise in remote image information
engineering, satellite-navigation and positioning engineering, and map
data banks of the regions from India to Indo-China.

The PLA also established the Science and Engineering University,
headed by Major General Si Laiyi, by combining the civilian Institute
of Communications Engineering, the Institute of the Engineering Corps,
the Air Forces Meteorology Institute and the Research Institute of
General Staff Headquarters. Si Laiyi attracted over 400 civilian
professors from universities all over China. He also announced the
establishment of a new Institute of Computer and Command Automation
and persuaded 60 experts of Chinese origin settled in the West to
return to work there.

A fourth PLA institute is the National Defence Science and Technology
University in Changsha, under direct supervision of the Central
Military Commission, where the Yin He series of supercomputers has
been developed.

To counter cyberthreats from China, Pakistan and militant Islamic
groups, the Indian Government should immediately establish a national
centre for information systems security. It should tap the expertise
of universities and private software and internet companies.

In addition to the Government and defence sectors, it should cater to
the banking sector, stock exchanges, telecom and internet networks,
power and water supplies, and transportation. It should be structured
on the lines of the American Presidents Commission on Critical
Infrastructure Protection which was created by Bill Clinton in 1996
and in which several US corporations and universities are partners
principally IBM, Dell, BellSouth, GTE and Carnegie Mellon University.

India should also provide support to the numerous dissident Chinese
hacker groups formed to avenge the Tiananmen Square massacre. One is
headed by Lemon Li who operates from St Nazare, France. Another is
headed by Michael Ming and functions out of College Station, Texas.

The most successful hackers have been Yellow Pages and Blondes.
Blondes was founded by Blondie Wong who operates from Toronto. Mao
Zedongs men had killed his parents. But since he was a follower of
Mahatma Gandhi and Martin Luther King, Wong decided to use only
peaceful means to overthrow the Beijing regime.

The Bangkok chapter of Blondes is headed by an Englishwoman, Tracey
Kinchen, who was earlier an MI5 agent. Her team disabled a PLA spy
satellite by sending spurious signals using cellular modems. Another
Englishwoman, Ashton Tyler Baines, heads the Kowloon chapter of
Blondes. Her team has launched over 72,000 cyberattacks against PLA.

Baines claimed that Blondes and Yellow Pages have already placed over
40 computer operators as moles inside PLAs cyberspace divisions. We
can infiltrate, alter and even crash their communications satellites,
space program, supercomputers and networks. We are putting in
backdoors and writing bad code into their servers. We have already
infected off-site copies of their CD-ROMs, said Baines.

Could that provide the Indian Government with some ideas of how to
counter a Chinese infotech attack?

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".