The Union home ministry has banned its officials and staff from opening “social networking sites such as Google, Facebook ... and the websites of free online games” on official government computers after it has recieved fresh reports of cyber espionage attacks on sensitive government installations, including the home ministry.
The home ministry advisory warns that attackers have used “Google, Facebook and some other social networking web portals” to “identify critical individuals” to “steal information and passwords for further espionage from the infected computer”. The detailed advisory was sent to all home ministry offices in New Delhi — at North Block, Jaisalmer House and Lok Nayak Bhavan — a fortnight ago.
Close on the heels of the home ministry’s advisory, national security adviser Shivshankar Menon said here Thursday evening that the government’s main concern was to maintain security of critical data and networks where information was stored. India faced 8,000 cyber attacks on the Delhi Commonwealth Games’ ticketing and scoring systems but these were repelled, he said while delivering the Prem Bhatia Memorial Lecture.
It may be noted that top bureaucrats and several government departments have used social networking sites to share concerns and views and reach out to people. “Reports have been recieved about recent cyber espionage attacks on various installations of the government. We are asking everybody to be cautious,” a government official said. Ministries and departments, particularly the home, defence and external affairs ministries and the Delhi police, need to take extra precautions, an MHA official said.
Explaining the modus operandi of recent cyber attacks, the MHA said the attackers had used social networking sites to “identify critical individuals and thereafter did a recce of those entities... After the recce, the attackers prepared a maliciously-crafted Microsoft Word file, Microsoft Excel File or the PDF document with the title of interest to the targeted entity.” It explained: “Once opened, the attachment executed some of the malicious scripts and downloaded the second level of binaries from a URL. These binaries would act at the command of the attacker, including stealing some of the information and passwords for further espionage.”
MHA officials have been told not to access personal emails on the Internet from an official computer. There should be a restricted usage of USB computer storage media such as pen drives, memory sticks and external hard disk drives. Officers, moreover, should not visit any website “not connected” to his/her work, the advisory said.
The officials have also been directed not to use personal email accounts such as those on Yahoo, Rediffmail, Gmail, Hotmail, etc for official matters, even for drafting concept notes, and use only NIC email accounts to send official information. The MHA also asked its officials to change passwords every 15 days and not disclose these to anyone.
In his lecture, meanwhile, the NSA said it was “very hard” to deal with this new menace by using “old methods”, and that there was a long way to go before we could be fully capable of dealing with such threats. He noted that even internationally, the laws are not clear on the subject: “It is still not clear whether attacks on US networks would be considered an international crime.”