Friday, March 9, 2012

Faceless cyber warriors [Full Post]

The prevailing belief that USA's national Aeronautics and Space Administration (NASA) is an impenetrable and secure American facility  was broken the past week when on March 2 and 3, media around the world reported how hackers have stolen employee credentials and gained access to "mission-critical" projects thus compromising USA's national security.

Central Florida News and other media reported that NASA's Inspector General Paul martin has testified in a report before the Subcommittee on Investigation and Oversight, House Committee on Science, Space, and Technology, entitled 'NASA Cybersecurity: An Examination of the Agency's Informating Security', that more than 5,000 security breaches happaned last year in 13 major networks.

Despite spending over $1.5 billion annually on Information Technology (IT)-related activities, including $58 million fo IT security, 'In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorised access to its systems. These incidents spanned a wide continuun from individuals testing their skill to break into NASA systems, to well-organised criminal enterprises hacking for profit, to instructions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives.'

Sources at the Kennedy Space Center said they had 973 'security events' in 2010 and 463 in 2011.

While most countries of the world have succumbed to attckas of hackers at numerous times, Bangladesh has for long been waiving away the importance of cyber security despite pledging a 'Digital bangladesh' to the entire nation in their election manifesto prior to the ninth parliamentary elections in 2008. As Bnagladesh's cyber properties were ravaged by alleged indian hackers on February 11, leading to a cyber war beteen Bangladesh and Indian hackers during mid February, the entire nation woke up on to the vulnerable state of country's properties on the internet.

The cyber war was initiated when news of Indian hacker groups, Indishell, Hindustan Cyber Army (HCA) and Indian Cyber Army (ICA) hacking five (5) Bangladesh ministry websites, were reported by bangladeshi media on February 11. The cyber assault triggered a wave of cyber attacks from Bangladeshi counterparts, Bangladesh Black Hat Hackers (BBHH), Bangladesh Cyber Army (BCA) adn 3xp1r3 Cyber Army (3CA).

From February 11 till February 14, international media who covered the war claimed that over 400 Bangladeshi sites were hacked by Indian hackers and over 20,000 Indian websites including government sites like the Border Security Force's (BSF) and numerous private websites were attacked by Bangladeshi hackers.

There was no significant destruction of data or financial loss reported on either side.


Indishell, ICA and the HCA posted ominous messages to Bangladeshi hackers on the bangladeshi sites, while in reply, Bangladeshi hackers posted messages and images protesting the killing and torture of bangladeshi nationals at the hands of BSF personnel at the 4,165-kilometer long India-Bangladesh border, India's construction of the Tipaimukh Dam that is likely to have severe environmental effects on Bangladesh and adjoining areas of India. The bangladeshi hackers also poeted messages about the Teesta water sharing, let bangladesh television programmes be aired in India and more.

Indian hackers stopped hacking Bangladeshi sites by February 14, driving some Indian media to dub Bangladeshi hackers the "Victor".

But BBHH continued to hack Indian sites. This correspondent managed to get an email response from Optimus Black Burn, a core hacker of BBHH, on February 26. In the email, Balack Burn wrote, 'Our hacking is ongoing. BBHH, BCA, 3CA are all working together.'

While he couldn't provide the actual number of sites hacked till date, black Burn claimed, "The cyber war is over because we do note have any oponents. Indian hackers left the cyber war field and the Indian hackers left the cyber war field and the Indian media has already reported that we are the winners."

'But our protest is still going on. We are now fighting against injustice and brutality of India,' he wrote.

Black Burn denied the allegations by foreign media that hackers fromother countries were aiding the Bangladesh cyber-front. 'It's totally false. We do not have any connection with any international hacking groups, especially Pakistani hackers hacked Indian sites for kashmir. They are not with us...' the email read. 'We do not need any help' as 'we have the power to fight on our own.'

About affiliation with Anonymous, an international loosely collective of hackers who has hacked US govenment websites, Sony, PBS, the Vatican, Wall Street Journal of Germany and more, Black Burn wrote, "No... But some anonymous members morally support us.'

But immediately, the next day, BBHH declared 'an ed to their cyber attacks on India' on their Facebook page, taking th outcomne of two-day long talks between the Indian union home minister Palaniappan Chidambaram and Bangladesh Home Minister Sahara Khatun at New Delhi, as a positive sign. At the home-ministerial level talkes that concluded on February 25, Delhi had assured Dhaka to bring border killings 'down to zero'.


However, BCA claimed that as Indian Grey hat hackers again attacked a number of Bangladesh websites around the end of February, BCA hacked and permanently disabled the website of Indian hacker community, hackerindia.com.

On March 7, Bd Xtor, a co-administrator and core hacker of BBHH, wrote to this Xtra correspondent claiming that Indian hackers have declared a cyber war again, thus initiating phase 2 of the war between Bangladesh and India. As of march 7, the Security Ray (TSR), an online journal, speculated that the total number of hacked sites now stands at 35,000.

The incident seriously questions the cyber security of Bangladesh, which is fairly new to the world of Information Technology.

In an exclusive conversation with New Age Xtra, hackers of bangladesh Cyber Army (BCA) pointed out the flaws in our cyber security recently. One of the hackers, who had hacked into Google Labs in september last year, said to Xtra, 'Hackers are always looked at in a negative light. But, most hackers try to find flaws in websites and servers. They (hackers) the write back to the administrator of the said website or server, pointing out the flaw and suggesting solutions to the administrator.'

BCA claimed to be the first hacker community in Bangladesh that was initiated in 2010. Members of BCA later formed the BBHH and 3CA. 'Over the years, our knowledge has grown as members in our community learn from peers. This helps them to learn more and do better in the profession of IT and software development,' said another hacker.

the hackers pointed out that hacking Bangladeshi and other South Asian websites have become convenient in the region. They also said that almost all government websites in Bangladesh have the lowest level of Web security.

'Bangladeshi hackers often hack these sites, without any financial or data loss. They put small marks or posts on websites that no visitor can understand except for the administrator,' said a hacker.

The hackers pointed out that important government sites have almost no security. 'But while these adminstrators never replied, the solutions we had mailed wwere never even implemented,' said one of them. 'At times the emails even bounced, signifying that the email addresses provided on the website are either inactive or they are not being chacked by the administrators,' said a hacker.


Sumon Ahmed Sabir, vice president of Internet Service Providers Association of Bangladesh (ISPAB) and a cyber security expert in Bangladesh, opined that the security features are vulnerable in most government owned websites. ‘That is why a large portion of the websites hacked belong to the Bangladesh government. Not much of technical expertise is required to hack most of these websites which are very poorly coded. Skills and expertise are utilised when websites hacked are of professional standards,’ he said to Xtra.

A BCA representative said that hacking has become convenient in South Asia due to lack of proper security measures. ‘Of all the South Asian countries, India’s web security is at considerably better standard, with Pakistan coming at second and Bangladesh’s being minimal,’ he said, claiming that from all the South Asian countries, India’s hacker community is also the biggest.

He explained that as hackers use various proxy servers and, after each attack, the hacked server logs are cleared. ‘So, when cyber crime authorities check, they find that the server was accessed from various parts of the world,’ he said.

When Xtra asked the Bangladesh Telecommunication Regulatory Commission (BTRC) whether investigations are underway to identify hackers that defaced the Bangladeshi sites, Md Giashuddin Ahmed, vice chairman of BTRC, said that the government has formed a committee, including BTRC officials to take steps to stop the cyber war and other form of cybercrimes.

‘The committee has held two meetings and will suggest an action plan to stop such cyber crimes,’ he said. Giashuddin Ahmed added, ‘As per the government direction, a specialised team is closely monitoring online activities and contents of blogs and social networking sites to track online offenders,’ although till now, ‘no hacker has been traced so far and the operation procedure is yet to be finalised.’

Hackers are confident that during the so-called cyber war, ‘Bangladeshi hackers did not violate article 56 of Information Communication Technology (ICT) Act, 2006 of Bangladesh, as there was no financial loss or destruction of data while hacking the sites.’

Sub-section 1 of article 56 of the ICT Act, 2006 states, ‘If any person-- with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person, does any act and thereby destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means; damage through illegal access to any such computer, computer network or any other electronic system which do not belong to him;  then such activity shall be treated as hacking offence.’

Sub-section 2 of the same article in the Act states, ‘Whoever commits hacking offence under sub-section (1) of this section he shall be punishable with imprisonment for a term which may extend to ten years, or with fine which may extend to Taka one crore, or with both.’

Sumon said, that while he cannot justify the practice of hacking of Bangladeshi and Indian websites, ‘the intentions of attacking the websites on both ends were not aimed at damaging them. They only removed some contents, put some images, used cursive words or shut it down temporarily. There was no intention to cause financial damage. The attack was aimed at generating propaganda.’

He continued, ‘The contents in our present ICT Act only protect us of local violations. Internet is something that goes beyond the territory. Hence, addressing online crimes is still a grey area. It could be someone sitting in the United States, using a computer server in India to initiate an attack on a Bangladeshi website. Under such circumstances, there is hardly enough evidence because the logs can be cleared. So, addressing the issue is still a very complicated process.’

***
Hackers further divulged that even when Pakistan and Indian hackers have been at each other’s cyber security since 1998, the hacker communities of Bangladesh and India always maintained a friendly relation.

The ‘ties’ were strained following spread of a 10-minute long video clip where BSF personnel stripped and tortured Habibur Rahman, a 22-year-old Bangladeshi cattle smuggler who had crossed the border to India. The clip was aired by media across the globe on January 18 and 19.

India claimed to have suspended the eight BSF personnel but did not apologise for the incident. On the other hand, Bangladeshi ministers said they were ‘not worried’ about the incidents at the border.

Adding fuel to Bangladesh public’s outrage on February 8, was BSF chief U K Bansal’s comment to the BBC that firing at India-Bangladesh border will continue ‘so long criminal activities would continue to take place’. The statement seemed to be in contradiction to Indian Prime Minister Manmohan Singh’s assurances, while visiting Dhaka in September 2011, that non-lethal measures will be taken against Bangladeshi suspects at the border.

‘After all this, the temporary deactivation of five Bangladesh government sites by Indian hackers seemed like a call for cyber war,’ said a BCA representative.

Implying that protests against border killings and the Tipaimukh dam construction is a form of ‘hacktivism’, Bangladeshi musician, blogger and cyber-activist Maqsood Haque said, ‘The moves by Bangladeshi hackers are signs of frustration as the Bangladesh government did not properly address these issues.’

According to Dhaka-based human rights organisation Odhikar, around 31 Bangladeshi nationals were killed by the BSF in 2011.

New York-based Human Rights Watch in a 2010-study claimed that more than 900 Bangladeshis and 164 Indians were killed by the BSF between 2000 and 2010 at the India-Bangladesh border. Poor Bangladeshi border residents smuggle cattle from India to Bangladesh as cattle prices are 35 to 40 per cent higher in Bangladesh.

‘It is tragic that despite taking legal actions against these smugglers, BSF shoots to kill them and our government does not even protest,’ lamented Haque. He continued that while tracking down hackers may be tough for authorities as hackers may be operating from 20 different Internet Protocols (IPs), ‘If apprehended the hackers may face severe repercussions.’

‘We are preparing the operation procedure that will be finalised on the third meeting of the committee going to be held on March 8,’ said Giashuddin Ahmed while speaking to Xtra last week.

Sumon Ahmed hoped that Bangladesh will learn from the recent incident. As the country is gradually becoming IT-enabled, ‘When transaction-based websites will emerge in the country that is when we will be affected most,’ he warned.

He pointed out that because of poor security on our web servers, other countries are becoming affected. ‘Hackers are using Bangladeshi servers as proxy or phishing sites to acquire passwords and usernames of prominent international banks and other e-commerce websites, which allow them to transfer money to their desired accounts. Just because we are not being affected, we are not being concerned. But such fraudulent websites are very common and we receive a lot of complaints from the CERTs (Computer Emergency Response Teams) of other countries,’ he added.

He concluded that although the word ‘hacker’ was not always a negative term, ‘Not all hacking is bad or should be considered so. Somebody identifying a bug or informing the authority is a noble job. Unless and until that bug is exploited to attack it is a good deed.’

Additional reporting by MH Kawser
by Syed Tashfin Chowdhury

0 comments:

Post a Comment