
Monday, 12 March 2012

Faceless cyber warriors


 
 
Syed Tashfin Chowdhury unravels the reasons behind the India-Bangladesh cyber war
 
The prevailing belief that the USA's National Aeronautics and Space Administration (NASA) is an impenetrable and secure American facility was broken the past week when, on March 2 and 3, media around the world reported how hackers had stolen employee credentials and gained access to mission-critical projects, thus compromising the USA's national security.

Central Florida News and other media reported that NASA's Inspector General Paul Martin has testified in a report before the Subcommittee on Investigation and Oversight, House Committee on Science, Space, and Technology, entitled 'NASA Cybersecurity: An Examination of the Agency's Information Security', that more than 5,000 security breaches happened last year in 13 major networks.

Despite spending over $1.5 billion annually on Information Technology (IT)-related activities, including $58 million for IT security, 'In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorised access to its systems. These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organised criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives.'

Sources at the Kennedy Space Center said in 2010, they had 973 'security events' and 463 in 2011.
While most countries of the world have succumbed to hacker attacks numerous times, Bangladesh has for long been waving away the importance of cyber security despite pledging a 'Digital Bangladesh' to the entire nation in their election manifesto prior to the ninth parliamentary elections in 2008. As Bangladesh's cyber properties were ravaged by alleged Indian hackers on February 11, leading to a cyber war between Bangladeshi and Indian hackers during mid February, the entire nation woke up to the vulnerable state of the country's properties on the internet.
***
The cyber war was initiated when news of Indian hacker groups Indishell, Hindustan Cyber Army and Indian Cyber Army hacking five Bangladesh government ministry websites was reported by Bangladeshi media on February 11. The cyber assault triggered a wave of cyber attacks from Bangladeshi counterparts, Bangladesh Black Hat Hackers (BBHH), Bangladesh Cyber Army (BCA) and 3xp1r3 Cyber Army (3CA).
From February 11 till February 14, international media who covered the war claimed that over 400 Bangladeshi sites were hacked by Indian hackers and over 20,000 Indian websites, including government sites like the Border Security Force's (BSF) and numerous private websites, were attacked by Bangladeshi hackers.

There was no significant destruction of data or financial loss reported on either side.

Indishell, ICA and the HCA posted ominous messages to Bangladeshi hackers on the Bangladeshi sites, while in reply, Bangladeshi hackers posted messages and images protesting the killings and torture of Bangladeshi nationals at the hands of BSF personnel at the 4,165-kilometer long India-Bangladesh border, and India's construction of the Tipaimukh dam that is likely to have severe environmental effects on Bangladesh and adjoining areas of India. The Bangladeshi hackers also posted messages about the Teesta water sharing, demands to let Bangladesh television programmes be aired in India, and more.

Indian hackers stopped hacking Bangladeshi sites by February 14, driving some Indian media to dub Bangladeshi hackers the 'victor'.

But BBHH continued to hack Indian sites. This correspondent managed to get an email response from Optimus Black Burn, a core hacker of BBHH, on February 26. In the email, Black Burn wrote, 'Our hacking is ongoing. BBHH, BCA, 3CA are all working together.'

While he could not provide the actual number of sites hacked till date, Black Burn claimed, 'The cyber war is over because we do not have any opponents. Indian hackers left the cyber war field and the Indian media has already reported that we are the winners.'

'But our protest is still going on. We are now fighting against injustice and brutality of India,' he wrote.

Black Burn denied the allegations by foreign media that hackers from other countries were aiding the Bangladesh cyber-front. 'It's totally false. We do not have any connection with any international hacking groups, especially Pakistani hackers hacked Indian sites for Kashmir. They are not with us…' the email read. 'We do not need any help' as 'we have the power to fight on our own.'

About affiliation with Anonymous, a loose international collective of hackers that has hacked US government websites, Sony, PBS, the Vatican, Wall Street Journal of Germany and more, Black Burn wrote, 'No…But some Anonymous members morally support us.'

But the very next day, BBHH declared 'an end to their cyber attacks on India' on their Facebook page, taking the outcome of the two-day long talks between the Indian Union home minister Palaniappan Chidambaram and Bangladesh home minister Sahara Khatun at New Delhi as a positive sign. At the home-ministerial level talks that concluded on February 25, Delhi had assured Dhaka that it would bring border killings 'down to zero'.

However, BCA claimed that as Indian Grey Hat hackers again attacked the Bangladesh Islami bank website around the end of February, BCA hacked and permanently disabled the website of Indian hacker community, hackerindia.com.

On March 7, Bd Xtor, a co-administrator and core hacker of BBHH, wrote to this Xtra correspondent claiming that Indian hackers have declared a cyber war again, thus initiating phase 2 of the war between Bangladesh and India. As of March 7, the security ray (TSR) speculated that the total number of hacked sites now stands at 35,000.
***
The incident seriously questions the cyber security of Bangladesh, which is fairly new to the world of Information Technology.

In an exclusive conversation with New Age Xtra, hackers of Bangladesh Cyber Army (BCA) pointed out the flaws in our cyber security recently. One of the hackers, who had hacked into Google Labs in September last year, said to Xtra, 'Hackers are always looked at in a negative light. But, most hackers try to find flaws in websites and servers. They (hackers) then write back to the administrator of the said website or server, pointing out the flaw and suggesting solutions to the administrator.'

BCA claimed to be the first hacker community in Bangladesh that was initiated in 2010. Members of BCA later formed the BBHH and 3CA. 'Over the years, our knowledge has grown as members in our community learn from peers. This helps them to learn more and do better in the profession of IT and software development,' said another hacker.

The hackers pointed out that hacking Bangladeshi and other South Asian websites has become convenient in the region. The hackers said that almost all government websites in Bangladesh have the lowest level of web security. 'Bangladeshi hackers often hack these sites, without any financial or data loss. They put small marks or posts on websites that no visitor can understand except for the administrator,' said a hacker.

The hackers pointed out that important government sites have almost no security. 'But while these administrators never replied, the solutions we had mailed were never even implemented,' said one of them. 'At times the emails even bounced, signifying that the email addresses provided on the website are either inactive or they are not being checked by the administrators,' said a hacker.

Sumon Ahmed Sabir, vice president of Internet Service Providers Association of Bangladesh (ISPAB) and a cyber security expert in Bangladesh, opined that the security features are vulnerable in most government owned websites. 'That is why a large portion of the websites hacked belong to the Bangladesh government. Not much of technical expertise is required to hack most of these websites which are very poorly coded. Skills and expertise are utilised when websites hacked are of professional standards,' he said to Xtra.

A BCA representative said that hacking has become convenient in South Asia due to lack of proper security measures. 'Of all the South Asian countries, India's web security is at considerably better standard, with Pakistan coming at second and Bangladesh's being minimal,' he said, claiming that from all the South Asian countries, India's hacker community is also the biggest.
He explained that hackers use various proxy servers and that, after each attack, the hacked server's logs are cleared. 'So, when cyber crime authorities check, they find that the server was accessed from various parts of the world,' he said.

When Xtra asked the Bangladesh Telecommunication Regulatory Commission (BTRC) whether investigations are underway to identify hackers that defaced the Bangladeshi sites, Md Giashuddin Ahmed, vice chairman of BTRC, said that the government has formed a committee, including BTRC officials, to take steps to stop the cyber war and other forms of cybercrime.

'The committee has held two meetings and will suggest an action plan to stop such cyber crimes,' he said. Giashuddin Ahmed added, 'As per the government direction, a specialised team is closely monitoring online activities and contents of blogs and social networking sites to track online offenders,' although till now, 'no hacker has been traced so far and the operation procedure is yet to be finalised.'

Hackers are confident that during the so-called cyber war, 'Bangladeshi hackers did not violate article 56 of Information Communication Technology (ICT) Act, 2006 of Bangladesh, as there was no financial loss or destruction of data while hacking the sites.'

Sub-section 1 of article 56 of the ICT Act, 2006 states, 'If any person-- with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person, does any act and thereby destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means; damage through illegal access to any such computer, computer network or any other electronic system which do not belong to him; then such activity shall be treated as hacking offence.'

Sub-section 2 of the same article in the Act states, 'Whoever commits hacking offence under sub-section (1) of this section he shall be punishable with imprisonment for a term which may extend to ten years, or with fine which may extend to Taka one crore, or with both.'

Sumon said that while he cannot justify the practice of hacking of Bangladeshi and Indian websites, 'the intentions of attacking the websites on both ends were not aimed at damaging them. They only removed some contents, put some images, used cursive words or shut it down temporarily. There was no intention to cause financial damage. The attack was aimed at generating propaganda.'

He continued, 'The contents in our present ICT Act only protect us of local violations. Internet is something that goes beyond the territory. Hence, addressing online crimes is still a grey area. It could be someone sitting in the United States, using a computer server in India to initiate an attack on a Bangladeshi website. Under such circumstances, there is hardly enough evidence because the logs can be cleared. So, addressing the issue is still a very complicated process.'
***
Hackers further divulged that even when Pakistani and Indian hackers have been at each other's cyber security since 1998, the hacker communities of Bangladesh and India always maintained a friendly relation.

The 'ties' were strained following the spread of a 10-minute long video clip where BSF personnel stripped and tortured Habibur Rahman, a 22-year-old Bangladeshi cattle smuggler who had crossed the border to India. The clip was aired by media across the globe on January 18 and 19.

India claimed to have suspended the eight BSF personnel but did not apologise for the incident. On the other hand, Bangladeshi ministers said they were 'not worried' about the incidents at the border.

Adding fuel to the Bangladeshi public's outrage on February 8 was BSF chief U K Bansal's comment to the BBC that firing at the India-Bangladesh border will continue 'so long criminal activities would continue to take place'. The statement seemed to be in contradiction to Indian Prime Minister Manmohan Singh's assurances, while visiting Dhaka in September 2011, that non-lethal measures will be taken against Bangladeshi suspects at the border.

'After all this, the temporary deactivation of five Bangladesh government sites by Indian hackers seemed like a call for cyber war,' said a BCA representative.

Implying that protests against border killings and the Tipaimukh dam construction are a form of 'hacktivism', Bangladeshi musician, blogger and cyber-activist Maqsood Haque said, 'The moves by Bangladeshi hackers are signs of frustration as the Bangladesh government did not properly address these issues.' According to Dhaka-based human rights organisation Odhikar, around 31 Bangladeshi nationals were killed by the BSF in 2011.

New York-based Human Rights Watch in a 2010-study claimed that more than 900 Bangladeshis and 164 Indians were killed by the BSF between 2000 and 2010 at the India-Bangladesh border. Poor Bangladeshi border residents smuggle cattle from India to Bangladesh as cattle prices are 35 to 40 per cent higher in Bangladesh.
'It is tragic that despite taking legal actions against these smugglers, BSF shoots to kill them and our government does not even protest,' lamented Haque. He continued that while tracking down hackers may be tough for authorities as hackers may be operating from 20 different Internet Protocols (IPs), 'If apprehended the hackers may face severe repercussions.'

'We are preparing the operation procedure that will be finalised on the third meeting of the committee going to be held on March 8,' said Giashuddin Ahmed while speaking to Xtra last week.

Sumon Ahmed hoped that Bangladesh will learn from the recent incident. As the country is gradually becoming IT-enabled, 'When transaction-based websites will emerge in the country that is when we will be affected most,' he warned.
He pointed out that because of poor security on our web servers, other countries are becoming affected. 'Hackers are using Bangladeshi servers as proxy or phishing sites to acquire passwords and usernames of prominent international banks and other e-commerce websites, which allow them to transfer money to their desired accounts. Just because we are not being affected, we are not being concerned. But such fraudulent websites are very common and we receive a lot of complaints from the CERTs (Computer Emergency Response Teams) of other countries,' he added.

He concluded that although the word 'hacker' was not always a negative term, 'Not all hacking is bad or should be considered so. Somebody identifying a bug or informing the authority is a noble job. Unless and until that bug is exploited to attack it is a good deed.'
-Additional reporting by MH Kawser
 
Hacktivism 101

Merging 'Hacking' and 'Activism', Hacktivism has gained popularity over the past few years as a growing number of hackers, especially the loosely-knit collective Anonymous, have been promoting their causes, either political or social, through defacement, redirects, information theft, website parodies, virtual sabotage and other methods on websites.

The method has become popular as tracing hacktivists over the internet is tough, unlike the situations in the physical world.

Though the term itself was coined in 1997, Julian Assange wrote in a report for Counterpunch in 2006, 'Real hacktivism is at least as old as October 1989 when the US Department of Energy and NASA machines world wide were penetrated by the anti-nuclear WANK worm. The worm was the second ever to be unleashed, but its provenance was a curious contrast to its forebear.'

It could be because the first public use of DDoS for protests occurred during the 'Intervasion of the UK', wrought by a group called the Zippies on Guy Fawkes Day of 1994, that hacktivists still use the 'Guy Fawkes' mask in videos.

Cyber wars between Israel and Palestine, India and Pakistan, China and India and other nations have been regular news in the hacking world. However, in the USA, during important political events prior to elections, hackers have hacked into email accounts and websites of politicians and leaked emails and other details on the internet.

The biggest contribution to hacktivism in recent times has been that of Anonymous, the loose collective of hackers that some claim spreads across the globe.

On April 20, 2009, Anonymous hacktivists launched 'Operation Baylout', a series of denial of service attacks against censorship, and therefore against the websites of the music industry association International Federation of Phonographic Industry (IFPI) and of lawyers involved in the prosecution of four defendants of thepiratebay.org, a bittorrent site that survives to this day. The four, Peter Sunde, Fredrik Neij, Gottfrid Svartholm and Carl Lundström, were found guilty and sentenced to one year in prison and heavy fines on April 17, 2009.

It was members of Anonymous who initiated 'Operation Payback' in 2010, a DDoS attack against companies that withdrew their support from Julian Assange's Wikileaks. Members of Anonymous were arrested during January and February 2011, as their involvement with the operations was suspected.

Megaupload.com, a file sharing site, was closed down by the Federal Bureau of Investigation (FBI) and the US Justice Department on January 19, 2012. Only a day before this, the internet was already abuzz with protests against SOPA and PIPA.

The move led to the largest internet attack in history as websites of the US Justice Department, the FBI, Universal Music Group, the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), and Broadcast Music, Inc were attacked.

Among other high profile sites, Anonymous had also hacked into Sony's Playstation server, PBS, the Vatican and recently the Association of Chief of Police of Toronto who advocated internet surveillance. It is believed that Anonymous has the ability and skills to even shut down the US national grid.

BBC reported on February 28 that police in Latin America and Europe have arrested 25 suspected members of the Anonymous hacking group, aged between 17 and 40. The operation follows cyber attacks on Colombian and Chilean websites like the Colombian Ministry of Defence and the presidency, Chile's national library, and the Chilean electricity company Endesa.

Demanding the freedom of the 25 hackers, Anonymous hacked the Interpol website on February 29. The Interpol site was down for half an hour.

http://newagebd.com/supliment.php?sid=18

'Not all hacking is bad or should be considered so'

Sumon Ahmed Sabir, vice president of Internet Service Providers Association of Bangladesh and a cyber security expert in Bangladesh, tells Saad Hammadi how the much hyped cyber warfare between India and Bangladesh was only a matter of generating propaganda on state-owned websites with no real security

Tell us your opinion about hacking in general.
Hacking had begun since the time computer networks emerged. However, those who are into hacking, some of them do it to show their technical skills and expertise and some are into committing financial crimes and other forms of online criminal offences. There is however, another dimension to hacking when it occurs with the state's patronage.

Recently, Bangladesh and India have experienced intense cyber warfare among important websites being shut down by the opposition. Some IT professionals have said that this was not hacking but nuisance. What is the rationale?

I will not call it a cyber war. A lot of Bangladeshi websites were compromised just as much as the Indian websites. However, this is nothing new. The security features are vulnerable in most government owned websites. That is why a large portion of the websites hacked belong to the Bangladesh government. Not much of technical expertise is required to hack most of these websites which are very poorly coded. Skills and expertise are utilised when websites hacked are of professional standards.
I am not really interested whether it was a cyber war or not but that our websites are not secured is something we should be concerned about. We are not secured on websites and this is not to speak of Bangladesh only but all countries. There is no point over arguing on an area of cyber warfare just because we are not able to resolve an issue diplomatically which will only increase grievances.

Bangladesh's virtual services and facilities are still at a developing stage, where not much of commercial transactions are performed. Given that Indian hackers often attack on Bangladeshi, how do you view the web security of the country's important websites?

This time the incidents that occurred did not cause problem but we are gradually becoming IT enabled. When transaction-based websites will emerge in the country that is when we will be affected most. And this will happen sooner or later because hacking is a regular affair. We should be careful that we do not break down the same way in the future.

Right now you can check your bank balance or clear your credit card bills, which are limited only to your account and cannot be transferred to another. Hence, we are not becoming affected financially. Outside the country however, most people are affected because of financial losses.

However, because of poor security on our web servers, other countries are becoming affected. Hackers are using Bangladeshi servers as proxy or phishing sites to acquire passwords and usernames of prominent international banks and other e-commerce websites, which allow them to transfer money to their desired accounts. Just because we are not being affected, we are not being concerned. But such fraudulent websites are very common and we receive a lot of complaints from the CERTs (Computer Emergency Response Teams) of other countries.


While Bangladeshi hackers claimed to have shut down many Indian websites, Bangladesh was nonetheless exposed to similar attacks. Do you believe the ICT Act 2006 of Bangladesh requires amendment to address such defacement and temporary deactivation of websites?

The intentions of attacking the websites on both ends were not aimed at damaging them. They only removed some contents, put some images, used cursive words or shut it down temporarily. There was no intention to cause financial damage. The attack was aimed at generating propaganda. However, I still cannot justify such a practice. The contents in our present ICT Act only protect us of local violations. Internet is something that goes beyond the territory. Hence, addressing online crimes is still a grey area. It could be someone sitting in the United States, using a computer server in India to initiate an attack on a Bangladeshi website. Under such circumstances, there is hardly enough evidence because the logs can be cleared. So, addressing the issue is still a very complicated process.

Even locally, if someone is found committing an offence, the penalty should be very carefully decided. Keeping someone behind bars for eight years for sending a threat email does not sound reasonable, which we have seen happen in the country in the past. It will however, not be right for me to talk on the legal area but laws should not be such that a minor offence entitles heavy punishment.

Will you share some of the security elements that Western countries maintain to contain such form of intrusion or hacking?

Whether developing countries or the West, we almost use the same security elements. Some organisations may be slightly better but in general we all are vulnerable. This time the website hacking that took place, it was because the coding standards were weak. The website developers were not concerned with the security features while coding. The servers and software we are using, these are not timely upgraded and maintained. Thirdly, proper firewall rule sets are not maintained, which help to determine the level of access.

Some hackers are passionate about identifying bugs in reputed websites, something they enjoy doing and challenging. They say it helps them increase the efficiency of the website and helps them learn new things. Can skills of hackers be put to good use?

Those who have the technical efficiency, no doubt they are highly skilled. In many cases in the past we have seen hackers have come to the help of not just independent organisations but also states and governments. There are numerous examples. Not all hacking is bad or should be considered so. Somebody identifying a bug or informing the authority is a noble job. Unless and until that bug is exploited to attack it is a good deed. The hacker word was a good term in the past. Right now the term itself gives a negative impression. Abroad, security analysts are hired to do the same task as hackers.

http://newagebd.com/supliment.php?sid=18&id=100