BIO-ELECTRO-INFO TECHNOLOGIES TO COMBAT TERRORISM
CHANGING PERCEPTIONS OF CYBER WARFARE
Presentation
Higher Command Course
Army College of Warfare
18 October 2003

Genesis of the Internet
- Rand thesis
- Internet a product of the cold war
- Paradigm shift – hierarchical to networking
- Advent of WWW
- Gift of TCP/IP to public domain

CYBER ABUSES
CYBER TERROR, CYBER FRAUD, CYBER LAUNDERING, CYBER INFRACTION, CYBER HACKING, CYBER PHREAKING, CYBER HACTIVISM
SPYING, SPOOFING, SNIFFING, SPAMMING, SPINNING, STALKING, SEEDING (Viruses, Worms & Trojans)

Maxim
The Internet is the high ground, and a first termer in NDA will know that the first lesson one learns is to occupy high ground and hold it at all costs.

Cyber Terrorism Threat
- The most potent threat vector.
- We are victims of polemics and politics of definitions.
- What is terrorism?
- Is cyber terrorism hype or for real?

CYBER TERRORISM
According to National Information Protection Centre (NIPC), "Cyber terrorism is an act through computers that results in violence, death and/or destruction and creates terror for the purpose of coercing a government to change its policies."
"Cyber terrorism is the premeditated, politically motivated attack against information, computer systems, computer programmes, and data which result in violence against non combatant targets by sub-national groups or clandestine agents"

Cyber Psywar
- Cyber anarchy is a vested interest.
- Anthrax, SARS and Melissa are more psychological than physical.
- We are in a permanent and perpetual state of threat.
- The Motto: "We need to give them back, something to live for, instead of something to die for."
- Cyber security is now a big business

Cyber enabled Terror
- InfoInfra Terror threats.
- Propaganda and psyops.
- Communications; crypto, stegano, PGP
- Money laundering, hawala.
- WMD
- Int, tech snooping, contact with hackers and criminals.
- Proxy operations.
- Transacting, shopping and scheduling in contrabands, drugs and weapons
- Clandestine meetings and RVs, ICQ, IRC

Cyber Terrorism Threat (Contd)
- Asymmetric warfare anchors on the unpredictable, "the unknown unknown."
- Both the perpetrator and the victim deny the impact if not the criminal/terror act.
- A virtual attack may coincide with a real one, e.g. imagine mayhem if Code Red and 9/11 were mounted simultaneously

[Diagram: Code Red and <whitehouse.gov>]
1. Unknown hacker sends Code Red worm out onto the Internet to find a vulnerable host server.
2. The worm propagates to other vulnerable servers, turning them into dummies that infect other servers. And this process continues exponentially.
3. …Code Red ceases to proliferate, and the numerous dummy servers turn to attack the White House website, attempting to overwhelm its server with junk communications.

Surveillance & Security Industry
The digital surveillance and security industry is spurting sharply. It is expected to cross the $50 billion mark worldwide by 2008.

Threats to Infrastructure
- The physical infrastructure threat.
- Ranges from compromising critical systems to severely affecting them.
- Critical physical infrastructure, e.g. power grids, water, railways, dams, hospitals, oil pipelines, TV and AIR stations, telecommunications, air traffic, or any other networked system.

Scepticism
"To us cyber terrorism is a lower-level threat"
Marcus Kempe, Director Operations, Massachusetts Water Source Authority

Vitek Boden Exploit
A hacker, Vitek Boden, succeeded in releasing a million litres of sewage into the water supply in Australia after 44 attempts

India's SCADA Systems
- SCADA stands for Supervisor Control and Acquisition of Data – these are systems that are cybernated or computer controlled.
- 30 percent of such networks are accessible by modems connected to public switched telephone networks.
- Employees are lax about manual backup.

Threat to Data
- Compromising critical computer systems to steal or irreversibly damage vital data.
- More pronounced against military, R&D, defence production and other sensitive data.
- The more critical the data, the greater the vulnerability.

THREATS TO INDIAN CYBERSPACE
- Muslim Hacker Club
- Al Qaeda network
- ISI covert Internet-enabled spy network.
- ICT exploitation tactics.
- Pak "G" Force, mOs, WFD, PHC and Silver Lords
- LTTE cyber hactivism.
- Mercenary hackers.

Cyber Crime – Wide Canvas
- Rampant misuse and abuse of e-banking and e-businesses.
- Unauthorized access to data.
- Forgery of digital signatures.
- Infringement of intellectual property rights covering patents and trademarks.
- Fraudulent subversion of electronic payment systems.
- Spamming.

Cyber Crime (contd)
- Wars over domain names, browsers and portals.
- Monopoly practices.
- Commercial spying.
- Porno
- Growing menace of intruders, masqueraders, and saboteurs in cyberspace.

[Chart: Security Breaches (1997-2001), % of respondents per year, for DoS, Laptop, Unauth Access, Virus, Sabotage, IPR theft, System penetration, Telecom fraud and Fin fraud. Source: CSI/FBI 2001 Survey. Respondents: 1997: 484; 1998: 583; 1999: 460; 2000: 428; 2001: 503.]

[Chart: Threat Perception by US Defence Science Board in 1996. Axes: Potential damage (Low to High) against Probability of Occurrence (Low to High). Labels: State Sponsored, Terrorist, Espionage, Criminal, Individual hacker; years marked 1996, 2000 and 2004. Source: Jane's Intelligence Review, Dec 2000.]

CYBER SURVEILLANCE
Systematic observation of cyberspace by surfing, sniffing, snooping or other means, primarily for the purpose of locating, identifying, determining, profiling and analyzing by all available and predictable means the transmission of e-mail, movement of packets, file transfer, e-money transactions and subversive activities of criminals, cyber terrorists, hostile regimes and intelligence agencies.

CYBER SURVEILLANCE
It equally applies to keeping watch over friendly elements to anticipate and prevent cyber crime and social abuse, carry out counter surveillance and find holes in own procedures and systems of cyber security

CYBER INTELLIGENCE
- Cyber Intelligence is open-source information minus noise, gathered over the Internet
- The product resulting from the collection, processing, integration, analysis, evaluation and interpretation of available information concerning hackers, criminals, terrorists, hostile countries and cyber operations.

[Diagram: CYBERINT. Elements: INT ON SECURITY PRODUCTS, TERRORINT, HACKERINT, COMMERCIAL & TRADEINT, CYBERCRIME INT, SPYING, SNOOPING, SNIFFING, E-MAIL INTERCEPTION, OPEN INTELLIGENCE, COUNTRIES OF INTEREST, WEBINT, IRC, ICQ, BB]

Sun Tse Precepts in Cyber Arena
- PLA's capability to spy in cyberspace is next only to Echelon and that of waging cyber war and protecting cyber assets next only to NATO.
- The scope of Chinese Information warfare spreads over a wide canvas, military, social, economic and political.
- Encompasses electronic warfare, attacks on "human cognitive systems," cyber, signal and signal deception, strategic deterrence,

Cyber Warfare is all Deception and Ess Abuses
- propaganda warfare, psychological warfare, network warfare, structural sabotage and trade warfare.
- The Chinese have no compunctions whatsoever about employing dubious tactics, machinations and subterfuge, e.g. invasion of adversaries' financial systems, use of computer viruses, human sabotage, disrupting enemies' economies, or spreading rumours over the Internet and thus psychologically impacting society.

Doctrine and Training
- "PLA has successfully integrated the latest C4ISRT (Command, Control, Communications and Computers Intelligence, Surveillance, Reconnaissance and Targeting) and information warfare techniques into its war doctrine."
- The Chinese have been conducting training in cyber warfare.

Sino-Taiwanese Cyber War 1997-99
- Ever since 1997 the Taiwanese and Chinese armed forces have been preparing openly for a long drawn hacker war.
- "The wolf has already come. Pick up your hunting rifle!"
- The most serious attack has been that of the Chernobyl virus, written by a Taiwanese computer engineering student, Chen Ing-hao.
- The virus reportedly impaired 3,60,000 computers in China and caused $120 million in damage.

Cyber War-1
- Whereas China accused Taiwan of complicity, the Taiwanese authorities maintained that it was an individual act of crime.
- The Guangzhou Military Region, which includes the South China Sea Fleet and the Second Artillery units, was hit and was paralyzed.

Cyber War-1
- A state of emergency was declared, placing the Nanjing Military Region and the East China Sea Fleet on second-degree combat readiness. This was the first time China's military entered second-degree combat readiness since the death of Deng Xiaoping in February 1997.

Cyber War-1
- After the incident, the State Council and the Central Committee Military Commission promptly ordered the formation of a task force composed of General Staff Intelligence Department, General Staff Technology and Communications Department, Ministry of Defence Technological Intelligence Department, Institute of Military Sciences' Special Technologies Department (also known as Department 553), and Ministry of Security's Security Bureau.

China is reportedly considering developing a fourth branch of its People's Liberation Army devoted solely to cyberwarfare.
"China's military planners recognize that... over-dependence on information systems is a potential weakness... Combining information warfare - such as computer hacking - with irregular special and guerilla operations, would allow China to mount destructive attacks within the enemy's own operations systems, while avoiding a major head-on confrontation."

China's Cyberwar Strategies
For more on prospective Chinese cyberwar strategies, read Unrestricted Warfare, a book of military proposals written by two young Chinese military officers in February 1999.

Sino-US CYBER WAR 2001
- This war started as a sequel to the collision between an American military surveillance plane and a Chinese fighter jet on April 1, 2001.
- China launched massive attacks against US Websites including those of
Headlines shown on the slide:
- It's (Cyber) War: China v. U.S.
- Crackers Expand Private War
- FBI Warns of Chinese Hack Threat

Cyber War-2
The Xinhua News Agency reported that U.S. hackers have defaced the websites of the provincial governments of Yichun, Xiajun and Beijing, the Deng Xiaoping police force, the Tsinghua and Xinjiang Universities, and Samsung's and Daewoo Telecoms' Korean sites.

Cyber War-2
FBI-led National Infrastructure Protection Center (NIPC) confirmed that Chinese hackers had been active in launching Web defacing and distributed-denial-of-service attacks on the Department of the Interior's National Business Center, the U.S. Geological Survey's site and Pacific Bell Internet Services

National Security Presidential Directive 16
- President Bush signed a directive in July 2002, ordering the government to develop a cyber-warfare guidance plan.
- The strategic doctrine would detail when the U.S. would use cyber attacks, who would authorize it, what constitutes legitimate targets, and what kinds of attacks -- Denial of Service, hacking, worms -- could be used.

The Fifth Dimension
- The U.S. government and military have been studying the possibility of cyberwarfare for years, although it has only recently become a realistic threat.
- The U.S. military is convinced that "operations within the information domain will become as important as those conducted in the domains of sea, land, air, and space." (Source: Joint Vision 2020).

The full extent of the US cyber arsenal is among the most tightly held national security secrets.
But reports point to a broad range of weapons under development, including use of computer viruses or "logic bombs" to disrupt enemy networks, the feeding of false information to sow confusion and the morphing of video images onto foreign television stations to deceive.

Maxim
- An extraordinary amount of detailed intelligence is needed about a target's hardware and software systems for mounting a large scale cyber attack.
- Commanders must know not just where to strike but be able to anticipate all the repercussions of an attack.

Indo-Pak Cyber War
* It's desi hackers vs Pak G Force. N Vidyasagar, The Times of India, www.ofbjp.org
* War in Cyberspace, Priya Ganapati, www.rediff.com

Al Qaeda – ISI Gathbandhan
- Al Qaeda uses simple hacking tools, e.g. L0phtCrack, that can break an 8 letter/figure password in two minutes. The tool is freely downloadable.
- Al Qaeda is doing recce of critical infrastructure, in particular that of US, Russia and India.
- Technical expertise: Khaled Sheikh Mohammad studied engineering in a university in North Carolina

Gathbandhan (contd)
- Some experts had training in computer security.
- ISI ran classes at Qandhar and in Malaysia under Muslim Hacker Club. Reports suggest revival.
- All money movement is done by e-mail and hawala. None dare burst it
- Al Jazeera still gets tapes. Tapes Trail remains uncompromised

Al Qaeda connection
A hacker in US opines, "Al Qaeda as a network has known connections to ISI. ISI has contacts with hacker groups operating against other targets. The belief is that if you accept that there is connection between Al Qaeda and ISI and ISI is operating against for example India, then Al Qaeda (even in its present state) would be able to gain access to computer hacks and plan operations"

It may well happen in India
Someday Al Qaeda, if it is still alive and operating, will use cyberspace as a vehicle for attacking infrastructure, not with bombs but with bytes.
It would inflict biggest possible damage with least possible investment.
Richard Clarke, Presidential Adviser for Cyberspace Security (2001-2003)

Hato Ashwathama
- Let us not be naïve.
- There are no ethics in cybersociety
- War will continue to be between belief systems
- Flesh and silicate pitched against flesh and silicate

Technologies and Tools
- Black bag jobs
- Packet Sniffers
- Carnivore
- Red and Blue Pill
- Trap and Trace
- Omnivore
- Genoa

Technologies and Tools (contd)
- Protocol Analyser
- BlackICE Defender
- Dsniff
- Ethereal
- Spyware, e.g. SpyBuddy
- AntiSpy software

Blackbag Jobs
- A black-bag operation is a secret break-in by a law-enforcement or intelligence organization.
- It involves secret search of suspected locations, copying files or other materials.
- Besides scrounging trash, electronic and physical surveillance, pen-tests are part of the game.
- The search sometimes leads to what the hackers call "Rat Racing."

PACKET SNIFFER
- A packet sniffer is a wiretap device that plugs into a computer network and eavesdrops on the network traffic.
- Like a telephone wiretap that allows an intelligence agency to listen in on conversations, a sniffer programme lets someone listen in on computer conversations.
- Carnivore is one such packet sniffer or packet filter.

CARNIVORE: A PACKET SNIFFER
- Carnivore acts like a "packet sniffer". All Internet traffic is broken down into bundles called "packets".
- Carnivore eavesdrops on these packets and watches them go by, then saves a copy of the packets it is interested in.

Carnivore
- News of Carnivore broke in July 2000.
- Public furor.
- How voracious could Carnivore get? Can it vacuum up Internet comns from innocent users? How frequently is it used? What is the legal basis? Is it permanently hooked up?
- FBI came clean or did they?
"Designed to conduct efficient wiretaps of e-mail and online communications involving suspected hackers, terrorists and other criminals."

CARNIVORE
- Carnivore is packed in a slim laptop and is described as "a tool within a tool" that enables the FBI, in cooperation with an Internet Service Provider (ISP), to collect counter-intelligence by tapping e-mails or other electronic communications of a targeted user. This is done on court orders.
- Carnivore is used in two ways, viz. as a "content-wiretap" and a "trap-and-trace, pen-register."

CARNIVORE BOX
- Hardware Authentication Device
- Windows NT or Windows 2000 Box with 128 megabytes of RAM
- A Pentium III, 4-18 gigabit of disk space and 2 G Jaz Drive
- Network Isolation Device

Carnivore Box
- A COTS (Commercial Off The Shelf) Windows NT (or Windows 2000) box with 128 megabytes of RAM, a Pentium III, 4-18 gigabytes of disk space, and a 2G Jaz drive where evidence is written to
- The software is written in C++
- The box has no TCP/IP stack, and therefore it is hack-proof.

Carnivore Box
- A hardware authentication device to control access to the box, preventing personnel from accessing the device without leaving telltale signs.
- It is a "network isolation device", which is probably a Shomiti or NetOptics tap.
- Some units are rumored to have dial-in modem ports, but it seems that the standard procedure is to have an FBI agent come in daily to exchange the Jaz disk for a fresh one.

RED AND BLUE PILL
- Carnivore comes in two pills, the "Red" one and the "Blue" one
- The former is administered when the ISP claims that it cannot or will not comply with the court order.
- The Blue Pill is a sophisticated Carnivore programme that scans only e-mails where the ISP cooperates for an investigation.
- The FBI explains the origin of the codename: "Carnivore chews all the data on the network, but it only actually eats the information authorized by a court order."

TRAP AND TRACE
- A less invasive wiretap that courts in the US allow without probable cause.
- A pen-register records just the telephone numbers of inbound calls to a suspect.

IP Sniffing OMNIVORE
- Earlier, the FBI was using Carnivore in a mode they call "Omnivore": capturing all the traffic to and from the specified IP address.
- There are numerous products that can fulfill these types of requirements. The easiest is the freeware program known as TCPDUMP, which is available for both Windows and UNIX.

DARPA's GENOA
- CARNIVORE is now known as DCS 1000
- Effectiveness under doubt
- Genoa provides a cutting edge search engine, sophisticated information harvesting programme and P2P computing methods.
- Still in experimental stage.

PROTOCOL ANALYSIS
- A network wiretap comes with a feature called "protocol analysis," which allows it to decode the computer traffic and make sense of it.
- Network sniffing has a distinct advantage over telephone wiretaps, as many networks use shared media, dispensing with the need to break into a wiring closet to install the wiretap. This can be done from any network connection and is called a promiscuous mode sniffer.
- However, this shared technology is fast changing to switched technology, which implies that the sniffer would have to actively tap the wire.

BLACKICE DEFENDER
- "BlackICE Defender" has a feature called "Packet Logging". It monitors all traffic to and from the machine and saves it directly to disk just like Carnivore. This feature could be used when there is apprehension of being subjected to an attack.
- The popular freeware utility known as "Ethereal" can then be used to display the contents of this data.
- IP sniffing may also be done in a pen-register mode. Many packet sniffers could be used for this capability.
- ICE stands for Intrusion Countermeasures Electronics.

Ethereal
- Described as sniffing the glue that holds the Internet
- It is a freeware network protocol analyzer for Unix or Windows.
- It allows examination of data from a live network
- Interactively browse the data.
- View summary and detailed description of each packet

dsniff
- Dsniff is a collection of tools for network auditing and penetration testing.
- dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data, e.g. passwords, e-mails, files etc.
- Its avowed purpose is to create security awareness. Significantly, however, it provides useful sniffing/wiretap utilities to hackers that are claimed to be more advanced than Carnivore.
- See http://www.monkey.org/~dugsong/dsniff/

dsniff Websites
www.monkey.org, www.datanerds.net, www.ethereal.zing.org, www.sysadmin.oreilly.com, www.freshmeat.net, www.groar.org, www.packages.debian.org

dsniff Websites (contd)
www.science.uva.nl, www.cvsweb.netbsd.org, www.rpmfind.net, www.linuxsecurity.com, www.packetstormsecurity.nl, www.itworld.com, www.online.securityfocus.com

Spyware
- Capture & record every IRC.
- Capture & record banking information
- Capture & record passwords
- Capture & record everything typed or clicked on computer
Some of these software products have the ability to send the above information covertly via email! If you bank online or access password protected material, your passwords or private banking information can be exposed!

SPY SOFTWARE
- Downloadable, worth 40 dollars or so
- Monitor home PC from workplace or vice versa
Features:
- Real-time remote keystroke viewing
- Remote desktop viewing
- Remote application and task management
- Remote open windows management

Spy Software SpyBuddy
- Internet Conversation Logging.
- Disk Activity Logging.
- Ability to log AOL/ICQ/MSN/AIM chat conversations.
- Record all changes made to the hard drive, e.g. directories and files created, deleted or renamed.
- Window Activity Logging
- Clipboard Activity Logging
- Website Activity Monitoring

SpyBuddy
- Printed Document Logging
- Keystroke Monitoring
- Screen Shot Capturing
- Webwatch Keyword Alerting

Remote Capture
- Remote system information viewing.
- Remote file system navigation
- Remote locking control
- Remote Internet connection monitoring
- Document history viewing
- Mouse freeze control
- Remote Website launching.
- Remote application launching
- Remote shut down

Anti-spy software
- SpyCop
- X-Cleaner
- Anti-keylogger
- Nitrous Anti-spy
- Evidence Eraser software, e.g. Window Washer, Evidence Eliminator Pro, Evidence Terminator

Anti-Spy Software SpyCop
- Finds computer monitoring programmes used for spying.
- Allows you to rename any suspect files
- Minimizes software while scanning so you can do other things!
- You can right click on files in explorer and scan them for spyware!
- Single file scan function built in, complete with browse capability
- Save results to a text file for future reference

SpyCop
- Print the results directly from the software
- SpyCop icon deters spyware installation
- Finds when a spy programme was installed.
- Checks if a spy programme is detectable with database search
- "LiveUpdate" feature to instantly update database without re-downloading!
- Unrecognizable to most spy programmes.
- A screensaver which scans the system when the user is absent.

Virus scanners don't detect spyware & Firewalls don't stop it!
- Many think someone needs access to your computer to install spy software. This just isn't true.
- Now there are hybrid versions that can be sent to you just like a virus in email.
- Why aren't more people upset about spyware?

Hacker (and terrorist) profiles are created not by identifying real evidence, but by probing scenarios, resemblances and similarities.
Vranasvich

PROFILING & TRACKING TERRORISTS
- Est virtual identity before real identity.
- Exploit inter group rivalries
- Catalogue ustad-shagird relationship.
- Model "terror family" tree.
- Bio-print
- Psy-print.
- Form chain of custody of exploits.
- Become a chameleon
- Play KOOTNITI

[Diagram: EWCC LTTE NETWORK. Map of nets at Jaffna, Mannar, Mullaittivu, Kilinochchi, Vavuniya, Batticaloa and Trincomalee, with a numbered list of station names and figures such as 145.640 beside each location.]

Udhayan, Easan, Kumar, Captain David, Kiruban, Thavoor, Das, Romeo, Menon, Kesavan, Pathi Raththi, Dixon, Sivarasan @ Raghuvaran, the 'one eyed Jack', Ravi @ Ravichandran, Suchindran @ Mahesh, KP @ T.S.Kumaran, A.S.Shanthakumar @ Rajan, Easan @ Easwaran ... Sigirthakumar,

E IDENTITY TO REAL IDENTITY
Udhayan. Responsible for fabrication of Arul - 89 RPG shells.
Easan.
In charge of hawala transactions.
KP. Highest functionary in SE Asia.
Kumar. Assistant of 'KP' in South East Asia.
Captain David. Commander LTTE fleet of three vessels including Elusia and Sea Bird.
Dixon. Communication expert
Pottu Amman. Intelligence Chief

ISI: Cyber Surveillance Profiling
- ISI has set up a special wing called National Response Centre for Cyber Crimes (Associated Press, March 13, 2003).
- "Earlier it had to rely on US investigators to trace e-mails sent by the kidnappers of Daniel Pearl"

GLOBAL INFORMATION BASE
- USAF Project
- Applied System Intelligence Inc. (ASI)
- KARNAC (Knowledge-Aided Retrieval iN Activity Context).
- Anchored on a bunch of technologies and Database Management Systems
- Detect, identify and corroborate impending terrorist operations, inter alia missions of the like kind

SOFTWARE JUNGLEE
- Produced by Bangalore-based company Stratify
- It sifts through the myriad unstructured information pieces that stream into CIA.
- It goes through e-mails, letters and even rumours sent in by the CIA operatives to lend a logical pattern and coherence.
- Software understands different languages including Persian, Arabic and German.
- Funded by In-Q-Tel

CYBER COPS
- In 20001, National Science Foundation announced a scholarship programme for training cyber cops.
- 200 students, bachelor's degrees in information technology and computer security at six U.S. universities.
- Graduates must work for the government for one year for every year of scholarship support they receive.

Universities involved in the Project
Designated "Centers of Excellence" by the National Security Agency. They are:
- Iowa State
- Purdue University
- The University of Idaho
- The University of Tulsa
- The Naval Postgraduate School
- Carnegie Mellon University, which is also home to the government's CERT Coordination Center, formerly known as the Computer Emergency Response Team.

Electronic Communications Privacy Act (ECPA)
- Pronounced (ek-pah).
- This law was designed to clarify how existing wiretap laws apply to cyberspace, but at the same time sets boundaries on how much the government could intrude into on-line privacy.
- Commonly called "Internet wiretap law"
- The law was originally promoted by privacy and civil rights organizations. However, subtle changes that made it into the final version ended up being what privacy advocates called "a wish list for the law enforcement community"

FISA-1978
- Stands for Foreign Intelligence Surveillance Act.
- It establishes a legal regime for foreign int separate from ordinary law enforcement.
- Deter-neutralize-exploit
- Special courts
- FII: Foreign Intelligence Information is defined.
- FISA allows surveillance without court order

CALEA-94
- Communications Assistance for Law Enforcement Act (CALEA), commonly called the Digital telephony law, was passed by the US Congress in 1994 to allow law enforcement to tap digital lines with the same ease with which they were tapping analogue lines.
- It required phone companies (common carriers) to make sure their systems would support wiretapping.
- This required existing systems to be retrofitted (estimated cost: $500 million) as well as to support new technological developments in wiretapping.

Patriot Act - 2001
- Broadly expands law enforcement agencies' surveillance and investigative powers.
- Aim is to intercept and obstruct terrorism
- Contradictory views expressed on the threats to security viz threats to privacy

How is it different?
- Makes it easier for the investigative agencies to use FISA to circumvent Title III.
- FISA courts can allow roving surveillance
- The standard under which FISA pen/trap orders can be obtained is much lower
- Pen/trap orders apply to both wire and electronic comns.
- When obtained, all pen/trap orders are valid throughout the US

Regulatory Investigative Powers (RIP) of UK.
- RIP mandates black-boxes to be permanently located at all ISPs, unlike Carnivore, where boxes have to be brought on site for each investigation and removed when the investigation is done.
- Like Carnivore, a court order is needed.
- The technology provides an effective mechanism to bypass a constitutionally required process of court authorization for wiretapping of electronic communications.

SORM OF RUSSIA
- SORM is a Russian acronym for System of Ensuring Investigative Activity.
- The regulation requires all ISPs to install a "black box" rerouting device and to build a high-speed communication line, which would hot-wire the provider, and of necessity all Internet users, to FSB headquarters. FSB is the successor agency to KGB.
- The agency needs a warrant, but that is more of a formality that can be easily dispensed with because of the provision to reroute transmissions in real time to FSB offices.

Indian Scene
- Section 167 (2) (a) of the Code of Criminal Procedure has been amended in Andhra Pradesh to make the production of the accused for the purpose of remand through video linkage valid. But for such law, the physical production of the accused for the purpose of remand would have been mandatory.
- Similarly, recording of evidence through video-conference has been permitted by the Calcutta High Court.

Let us therefore
- Fix the enemy in time and space (Cyber and geographical).
- Develop indigenous software that facilitates humans and machines to think and act together. Software that is:
  - Collaborative
  - Coordinative
  - Cognitive
  - Comprehensive (Total Information Awareness)
- Destroy, disrupt, deface, deny enemy's ICT and cyber assets/access

Let us therefore
- Raise cyberCops.
- Revamp our intelligence agencies with intake from technical graduates, preferably trained in IT, biometrics, communications, bioinformatics and cryptography.
- In the army, convert Intelligence Corps into a technical arm.
- Create expertise within the Services and the DRDO.
- Promote R&D in our training institutions

Recommendations (contd)
* Creation of a "cyber court" to preside over computer crime.
* Increased participation and data sharing between the services and between the services and the Defence Ministry, particularly from the top down.
* Creation of a National Infrastructure Protection Center.

And lastly
Shed anti-technology mindset and stop glorifying technology illiteracy and humint

Concluding Remarks
India not only needs cyber warriors but also cyber commanders whose cerebrums are ticking and net-worked, and not clogged by trivia.
Tasmaad uttishth Kauntay udhay krit nishchaya