Recent Surveillance Projects in India

Cyber Swachhta Kendra

To combat cyber security violations and prevent their increase, Government of India’s Computer Emergency Response Team (CERT-in) in February 2017 launched ‘Cyber Swachhta Kendra’ (Botnet Cleaning and Malware Analysis Centre)-a new desktop and mobile security solution for cyber security in India.

  • The centre is operated by CERT-In under Section 70B of the Information Technology Act, 2000. The solution, which is a part of the Ministry of Electronics and Information Technology’s Digital India initiative, will detect botnet infections in India and prevent further infections by notifying, enable cleaning and securing systems of end-users. It functions to analyze BOTs/malware characteristics, provides information and enables citizens to remove BOTs/malware and to create awareness among citizens to secure their data, computers, mobile phones and devices such as home routers.

Common methods in Cyber Attacks

  • Physical Attack: The computer infrastructure is damaged by using conventional methods like bombs, fire, etc.
  • Syntactic Attack: The computer infrastructure is damaged by modifying the logic of the system in order to introduce delay or make the system unpredictable. Computer viruses and Trojans are used in this type of attack.
  • Semantic Attack: This is more treacherous as it exploits the confidence of the user in the system. During the attack the information keyed in the system during entering and exiting the system is modified without the user’s knowledge in order to induce errors.

Tools of Cyber Terrorism

Cyber terrorists use certain tools and methods to unleash this new age terrorism. These are:

  • Hacking: The most popular method used by a terrorist. It is a generic term used for any kind of unauthorized access to a computer or a network of computers. Some ingredient technologies like packet sniffing, tempest attack, password cracking and buffer outflow facilitates hacking.
  • Trojans: Programmes which pretend to do one thing while actually are meant for doing something different, like the wooden Trojan Horse of the 1st Century BC.
  • Computer Viruses: It is a computer programme, which infects other computer, programmes by modifying them. They spread very fast.
  • Computer Worms: The term ‘worm’ in relation to computers is a self-contained programme or a set of programmes that is able to spread functional copies of itself or its segments to other computer systems usually via network connections.
  • E-Mail Related Crime: Usually worms and viruses have to attach themselves to a host programme to be injected. Certain emails are used as host by viruses and worms. E-mails are also used for spreading disinformation, threats and defamatory stuff.
  • Denial of Service: These attacks are aimed at denying authorized persons access to a computer or computer network.
  • Cryptology: Terrorists have started using encryption, high frequency encrypted voice/data links, etc. It would be a Herculean task to decrypt the information terrorist is sending by using a 512-bit symmetric encryption.

Cyber Surakshit Bharat

Cyber Surakshit Bharat is a first of a kind public-partnership where it will leverage the expertise of the IT industry in cyber security. Cyber Surakshit Bharat will be led by MeitY and supported by NeGD, and a consortium of private players including Microsoft, WIPRO, Redhat, Dimension Data and Deloitte.

  • In addition, there would be other partners who will join as Technical Knowledge Partners. Cyber Surakshit Bharat also aims to conduct a series of training programs across Delhi, Mumbai, Bangalore, Hyderabad and Chennai.

Central Monitoring System (CMS)

The CMS is the country’s ace surveillance project which aims to create a system that provides central and direct access to information without any intervention by third parties.

  • Developed by the Centre for Development of Telematics (C-DOT), the CMS is capable of accessing all communication data (telephone calls - mobile and landline, VoIP calls, emails, and other communication on social media).
  • In essence, the CMS is an extension of the already existing ‘Lawful Interception and Monitoring System’ which telecom and internet service providers are required to install.
  • The service providers are required to integrate Interception Store and Forward (ISF) servers which are connected to various Regional Monitoring Centres.
  • What this essentially means is that the CMS has direct access to vast amounts of real-time data and metadata of users.

Although much information does not exist about the program, the government apparently has been running trials in gradual phases. Going by the available information, the Indian government may have been successful in creating India’s version of PRISM program run by the NSA.

DRDO NETRA

Developed by the Centre for Artificial Intelligence and Robotics (CAIR) of the Defence Research and Development Organisation (DRDO), NETRA is a native system developed by Indian scientists and other staff.

  • It was built with the intent of combating threats both internal and external by monitoring real-time Internet traffic.
  • NETRA has apparently been fully functional since 2014 and is used by the Intelligence Bureau and the Research and Analysis Wing.
  • NETRA has the capability to intercept and analyse data (including voice traffic) passing through Google, Skype, and other social networking forums.
  • It can also track keywords from emails, tweets, Facebook status updates, comments, blogs, messages on forums, and even images shared over the Internet.

National Intelligence Grid (NATGRID)

In view of the increasing number of terrorist activities in the country, NATGRID was proposed just after the 26/11 Mumbai attacks.

  • It is essentially an intelligence grid that links all the stored data from different government and intelligence entities, which enables it to analyse data gathered by the linked agencies.
  • The grid provides intelligence agencies access to data sources, including bank accounts, details regarding taxes, credit card transactions, vehicle registration, immigration and visa records among others, which are then used to decipher patterns and track suspicious activities.

Lawful Interception and Monitoring Project (LIM)

The LIM works in a similar way to NETRA. It is a program for surveillance of Internet traffic in India, allowing the monitoring of all traffic (text and audio) passing through ISPs.

  • The LIM’s unique capability is to conduct automated keyword searches, which allows government agencies to track data passing through servers for as long as they want, without the ISP’s knowledge.
  • Reports have pointed out that the legal procedures for such monitoring is seldom followed, resulting in the violation of privacy of the concerned individuals.

Related Content