India, US hack mystery - Fake memo

2012-01-11 21:55

New Delhi - A memo that triggered a US investigation into a possible cyber-attack by Indian military intelligence is probably a fake, but it is clear from leaked documents that serious security breaches did take place.

A little-known hacker group, 'Lords of Dharmaraja', began posting the documents last year, but only drew widespread attention after the anti-virus software firm Symantec confirmed on Saturday that a segment of its source code had been accessed by the group.

Reuters has obtained a large digital cache appearing to contain e-mails that were posted by the group but were quickly blocked by file-sharing sites.

Dated between April and October last year, many of the e-mails were addressed to Bill Reinsch, a member of an official US commission monitoring economic and security ties between the United States and China, including cyber-security issues.

Military and cyber-security experts in India say the hackers may have created the purported military intelligence memo simply to draw attention to their work, or to taint relations between close allies India and the United States.

"There is some malicious intent, but to try and work out who has done it, given the current nature of the internet, is an exercise in futility," said Cherian Samuel, a specialist on cyber-security and Indo-US relations at India's Defence Ministry-funded Institute for Defence Studies and Analyses.

Speculation has focused on India's neighbours, arch-rival Pakistan and China, both of which are active in cyber-operations.

"It's also possible that Pakistan's hackers have done it, or China's hackers," said Mukesh Saini, an expert on cyber-security who served on the secretariat of India's national security council, an intelligence agency, until 2006.

But if that were the case, he said, the attackers could be acting without state sponsorship.

"Pro-Indian and pro-Pakistan individuals and small hacker groups have been attacking each other's government and non-government websites, with or without the consent of their government, for a very long time," he said.

Bureaucratic style

Two Washington sources close to the US China Commission said that while they were positive the commission was a target for Chinese intelligence, they found it hard to believe its activities were of any interest to Indian intelligence.

They said it was possible that Chinese operatives forged the document to embarrass both the commission and the Indians.

Other Washington officials, however, said it was equally possible, if not more plausible, that the alleged Indian intelligence document was genuine and that the Indians were spying on the commission out of their own interest in learning about Washington's attitudes to China.

Genuine or not, the sophisticated language the document was written in suggests it was created by someone with a clear grasp of India's bureaucratic style.

Technology blog Infosec Island said on Wednesday it had seen more data obtained by the Lords of Dharmaraja, including dozens of usernames and passwords for compromised US government network accounts.

Infosec Island blogger Anthony Freed said the hacker group claimed to have taken the data from servers belonging to India's Ministry of External Affairs and the Indian government's IT organisation, among others.

Officials in India declined to comment on the document's content or authenticity.

The alleged memo, which had a number of inconsistencies, including the letterhead of a military intelligence unit not involved in surveillance, claimed India had been spying on the USCC using know-how provided by Western mobile phone manufacturers.

While the memo looks dubious, the US-China Economic and Security Review Commission has not denied the veracity of the email cache, and US authorities are investigating the matter.

The emails include conversations between US embassy officials in Tripoli, DHL and General Electric about delivering medical equipment to Libya, as well as concerns that GE was helping China improve its jet engine industry.

Anonymous hacking collective

It is unclear whether Lords of Dharmaraja got the emails from Indian military intelligence servers, as they claim, but they first mentioned the documents in November, at the same time as they announced they hacked India's embassy server in Paris.

That breach was confirmed at the time by India's foreign ministry, and some experts believe the cache of US emails was taken from the same source, raising the question of how they ended up there in the first place.

"An individual could have hacked someone's personal computer and handed it over to the embassy. There are so many means and measures," said Saini, who himself was charged with leaking secrets to Washington in 2006. He proclaims his innocence.

"There may be co-operation between India and the United States, the United States may have shared them, or India could have done the hack... or a third country may have handed it to India," said Saini.

It is also unclear how Symantec's source code ended up with the Lords of Dharmaraja, whose public face goes by the name Yamatough on a Twitter feed.

Yamatough, whose profile picture shows a Tibetan painting of Dharmaraja, the Hindu god of death and justice, follows many members of the "Anonymous" hacking collective, and Symantec attributes the hack to that group.

"We are still investigating exactly where or how Anonymous accessed the code, but to date we have found no evidence that we shared any information with the Indian government," Symantec said in a statement.

"If the Indian government was indeed in possession of the code - as Anonymous claims and which has not yet been verified - we have no indication that it came from Symantec or as a result of our software assurance processes."
