Defence, CBI Computers May be Prone to Spying From Overseas

Published: 09th March 2014 12:28 PM  |   Last Updated: 09th March 2014 12:28 PM   |  A+A-

By PTI

About 3,000 Internet connections, including those of the Ministry of Defence, security agencies, the CBI and banks in Delhi, have been found to be compromised, probably for snooping from foreign locations, according to a report submitted by cyber security experts to government.

While computers in these organisations haven't been hacked, a vulnerability in the modems they use may have allowed outsiders access to information, the Indian Infosec Consortium said.

"About 3,000 Internet connections in Delhi are compromised, including that of defence, CBI, election officers. They are being accessed using servers abroad. We have shared a detailed report with Telecom Minister Kapil Sibal who has promised prompt action," IIC cyber security analyst Jiten Jain told PTI.

The list includes the Ministry of Defence at South Block, the Deputy Secretary of the Cabinet Secretariat at Rashtrapati Bhawan, the Chief of Naval Staff in C-Wing at South Block, the Air Force Communication centre at Vayu Bhawan, the zonal officer of the Controller of Defence Accounts at Delhi Cantonment, and the Directorate of Income Tax (Investigation) at Jhandewalan.

Some connections at the office of public telecom firm MTNL were also compromised.

Jain said the consortium has also submitted a report to security agencies for immediate action and correction of their systems. Over 99 per cent of the 3,000 connections surveyed by IIC were possible victims of snooping.

IIC is a group of 20,000 cyber security experts pitching to become the first line of cyber defence for India and develop indigenous cyber security products.

The researchers said they believe the threat emanates from a vulnerability due to technical settings in modems imported and sold by most Indian telecom operators.

"All of the devices included in the research were imported. I have not seen Indian telecom operators providing modem or routers of any Indian company. All of them are made by foreign companies, which is making systems vulnerable and susceptible to espionage," Jain said.

The report said users of these vulnerable modems could be directed to malicious servers overseas instead of going through domain name system (DNS) servers to a desired website.

A DNS server helps to connect a user to the server that hosts the desired website. The consortium found the DNS settings of modems, also known as Internet routers, had been manipulated.

The report revealed that the primary DNS Internet address in the modems belonged to servers in China, Ukraine, the Netherlands and France, with most of them in the US.

"Normally, the primary DNS servers should be on the network of actual Internet connection provider, but we found it is of malicious foreign servers which were suspicious and must have been used for phishing and traffic interception and diversion through a specific route," Jain said.

The server located abroad may connect to the desired website or to a fake website that appears authentic.

Jain said it was not possible to pinpoint which country may be spying on these systems due to the complex structure of the Internet.

Stay up to date on all the latest Nation news with The New Indian Express App. Download now
(Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.)

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp