Monday, December 25, 2006

Indian Government network under Trojan attack

Today, Indian government is using computers everywhere so much that it has become a worthwhile target for Trojan and Virus writers. Government recently found out a virus/Trojan doing rounds in their network. It seems to be a custom virus written specifically for this network as it isn’t found anywhere else and isn’t detected by the standard anti-virus and anti-spyware software. They enter the network via an e-mail attachment called “cabnote.doc”. This particular name of the file is same as what is used by the cabinet ministers’ office to send important confidential notes of officials. So the social engineering trick here is that these officials who receive it will eagerly open these documents infecting their machines. Government hasn’t revealed the exact damage this virus causes. They have back traced the source of this virus to an IP address in California, USA. Cyber security cell headed by IB is investigating this further. They have come up with a set of guidelines to counter this type of threat in future. The challenge the government is facing now is to implement the guidelines. The guideline mainly translates to get the government officials who lack computer proficiency to be taken through a sensitization program. As of now all government departments are on high alert regarding this issue.

Although, India, a nation of billion people, majority of who are still poor and uneducated, we are a nuclear state and have quite a significant role to play in south Asian sub continent. In this age of terrorism tearing nations apart, we need to protect ourselves against any kind of external forces, physical or virtual, trying to harm us. As computer penetration in this country’s administration increases, the cyber threat becomes more real than ever. As our President put it, Open source software is the only way to help our nation of billion people. With open source software we can build the in-house expertise that will not go obsolete every time a closed source software vendor decides to change his business model. With this in-house expertise it will be possible to protect ourselves much better against all future threats as we can adapt to the changing scenarios more quickly and cost-effectively and be more proactive than reactive.