Information Technology is a powerful tool for accelerating economic development. Developing countries like India, have thus focused on development, by effectively using the IT and Web. With emerging utility of these highly productive, convenient and flexible services, one must also be worried about the hazardous clouds of cyber threats looming around.
Vulnerability of Government websites was once again highlighted, with announcement by the Indian Minister of State for Communications-IT, Sachin Pilot, of 117 websites being hacked between January and June in 2011. However, the most significant attack is the one that has been dubbed ‘Luckycat’ attack. The ‘Luckycat’ campaign primarily attacked Indian military sites and was reported to be sourced from China. The attack was active since June 2011 (till Feb 2012) and reportedly attacked about 223 computers systematically.
The attackers employed minimum amount of work needed to attain maximum gains by using very simple viruses, which needed very little development time or skills, along with easily available Web host servers, to successfully carry out a very effective attack. The malicious document, attached to emails, when loaded, activated the VBS.Sojax malware. HTTP was very wisely used to breach firewalls. These attacks have shown how a brilliant attacker can succeed, even without much experience.
What are the solutions?
We must always keep an up-to-date IT network with regular defence plans. Blocking any website, application or email that can lead to network infection is crucial. A solution with improved warning capabilities is ideal. Government officials have thought of implementing various measures in terms of utility policies for security, but how far these measures can succeed is yet to be seen.
Perhaps a better solution to these issues can be a unified threat management solution, which can single-handedly handle all the issues of security. Cyberoam helps Security Governance with Identity-based Controls and visibility to improve warning capabilities.