India network security became a proverb: military sale of submarine information can be leaked-India, network security, submarine-IT information
Recently, India from France DCNS Group (France-owned shipbuilding enterprise) buying "marmoratus fish"-class submarines of the technical and operational specifications was leaked to the Australia newspaper (The Australian). Events in India Narendra Modi (Modi) Government launched a $ 150 billion (US $ 113 billion) after the plan to modernize the military. This is India arms procurement and digital fundamental defects: the India lacks expertise in network security and data encryption.
DCNS has recently won a $ 50 billion (US $ 37 billion) contract for Australia to build next-generation 12 new submarines. Although the United States publicly neutral during the bidding process, but the media widely reported that the United States privately suggested that Australia carefully, because France in terms of military secrets are not careful.
India, China Defense Minister Manohar Parrikar's initial reaction was, not too worried about leaks. He added that India is not disclosing sources, show that there is nothing to worry about. The next day, Parrikar accused The Australian reports resulting in such an awkward situation.
Articles and commentary eventually forced India defence establishment admitted that leaks a significant, "marmoratus fish" class submarine's effectiveness has been seriously damaged. The leak caused severe damage in New Delhi become clearer: on September 4, Parrikar cancel the other three submarines of the proposed procurement .
But this is not India appears for the first time this type of network security leak. In March 2010, the communications and IT Minister Sachin Pilot told reporters, India Government network was attacked by China, but "none of them worked hands."
Nearly a year before the Pilot claims, United States-Canada Network spy hunters tracking a cyberespionage organization in southern China mainly for India to launch attacks.
This is likely to come from China's elite spy organization-University. The Group visited India has a large number of computers and steal more of the Chinese Defense Ministry India missile systems design and other technical details. They visited Nagaland, Tripura, Manipur and other documents relating to the security landscape. The spy organization has also attacked India organization, including India, China Ministry of Foreign Affairs, India the United States Embassy, even attacking the Tata Group, companies like DLF and YKK India. Dang United States-Canada Internet Spy Hunter notification, New Delhi was told.
The United States-Canada Panel report released in 2010. Report stressed that the weak security of an organization may lead to another organization of data theft. This is why experts find it hard to identify Cyber-espionage original source and network spy why country can refute such accusations.
Network security is not simply achieved by installing Firewall and anti-virus software. Network security is a work in progress, so you must market monitoring organization of computer security architecture. However, after the report was released, India in the relief effort is far from enough .
Last year, the Australia Institute for strategic policy (Australian Strategic Policy Institute,ASPI) released the report of the Asia-Pacific network matured. In the ASPI report, India in four network security scored only 4 points (a total of 10 points), far less than China, Japan and Singapore. These include the organizational structure, network problems, security assistance, cyber crimes Center and financial cyber crime law, as well as the role of the military role in network security program.
India network as a whole maturity level is 50-far lower than Australia (79.9), New Zealand (72.8), Japan (85.1), China (64), and Brunei (51).
Social media monitoring is India another weakness of network security architecture. For example, on the Internet hype man named ISIS atrocities in Mehdi Masroor Biswas, India United Kingdom understand only after a reporter tracked and arrested.
India in the area of network security skills shortage. India Secretariat in 2013, the National Security Council prepared a confidential document shows that India government organizations employ 556-only network security experts. By comparison, the Chinese Government hired security experts to 125,000, United States was 91,080 .
Network security is more than technology or software problems. In addition to knowledge of information technology and network security also needs to be upgraded to subject areas, including engineering and sociology. When dealing with State-sponsored hackers, and experts need to know a large number of factors, including the national psychology, motivation, political decision-making processes and the depth of expertise and resources.
India and Israel and the United States maintain close defence and economic ties. Israel and the United States is the leader in network security. India Government should be actively encouraging these countries ' security company acquisitions in India business, to pass on their expertise to India local companies and help India founded startups in this area.
India aspires to be a world power, development of computer software and hardware superpower. In order to realize these aspirations, India must first address skills gaps and longer-term strategies.
印度网络安全成笑谈:军方买卖潜艇信息都能泄露 - 印度,网络安全,潜艇 - IT资讯
最近,印度从法国DCNS集团(法国国有船舶制造企业)购买的“鲉鱼”级潜艇的技术和操作规格被泄露给了《澳大利亚人报》(The Australian)。事件发生在印度莫迪(Modi)政府启动1500亿澳元(折合1130亿美元)计划使军队现代化之后。这是印度武器采购和数字化基本缺陷的警钟:印度在网络安全和数据加密方面缺乏专业知识。
DCNS最近赢得500亿澳元(折合370亿美元)的合同,为澳大利亚建造下一代12艘新潜艇。尽管美国在投标过程中公开保持中立,但媒体广泛报道称,美国私下却建议澳大利亚慎重,因为法国在军事机密方面不够谨慎。
印度中国国防部长Manohar Parrikar的最初反应是,不用太过担心泄露。他补充道,印度不是泄露来源,表明没什么可担心。第二天,Parrikar指责The Australian发表报道致使如此尴尬的局面发生。
文章和评论最终迫使印度国防机构承认,泄露事件重大,“鲉鱼”级潜艇的有效性已严重被破坏。这次泄露造成的严重损害在新德里渐渐明朗:9月4日,Parrikar取消另三艘潜艇的采购提议。
但这不是印度首次出现此类网络安全泄露事件。2010年3月,通信与IT政府部长Sachin Pilot向记者透露,印度政府网络被中国攻击,但“没有一次成功得手”。
Pilot主张前近一年,美国-加拿大网络间谍狩猎者追踪了中国南方网络间谍组织主要针对印度发起的攻击活动。
这支间谍组织很可能来自中国名校-电子科技大学。该组织访问了印度中国国防部的大量计算机并窃取了多个印度导弹系统的设计和其它技术细节。他们访问了与那加兰、特里普拉、曼尼普尔等地安全前景有关的文件。这支间谍组织还攻击了印度组织机构,包括印度中国外交部、印度的美国大使馆,甚至攻击了Tata Group、DLF和YKK India等公司。当美国-加拿大网络间谍狩猎者通知后,新德里才得知。
这支美国-加拿大小组2010年发布报告。报告强调,某组织的弱安全可能导致数据另一组织盗窃。这就是为什么专家发现很难查明网络间谍的原始源头和实施网络间谍的国家能反驳此类指控的原因所在。
网络安全不只是仅仅通过安装防火墙和杀毒软件来实现。网络安全是正在进行的工作,因此必须市场监控组织机构的计算机安全架构。然而,自报告发布后,印度在补救方面的功夫远远不够。
去年,澳大利亚战略政策研究所(Australian Strategic Policy Institute,ASPI)发布亚太地区网络成熟报告。在ASPI这份报告中,印度在四个网络安全方面得分仅为4分(总分10分),远远低于中国、日本和新加坡。这些包括网络问题的组织结构、网络安全协助、网络犯罪中心和金融网络犯罪法,以及军事角色在网络安全中发挥的作用程序。
印度整体网络成熟度等级为50—远远低于澳大利亚(79.9)、新西兰(72.8)、日本(85.1)、中国(64),甚至文莱(51)。
社交媒体的监控是印度网络安全架构另一弱点。例如,在互联网上大肆宣扬ISIS暴行的男子名叫Mehdi Masroor Biswas事件中,印度在英国记者追踪之后才得知,并逮捕。
印度在网络安全方面技术短缺。印度国家安全委员会秘书处2013年准备的一份机密文件表明,印度政府所有组织机构仅聘用了556名网络安全专家。相比较而言,中国政府聘用的网络安全专家为12.5万,美国为9.108万。
网络安全不仅仅是技术或软件问题。除了信息技术知识以外,网络安全还需要提升至学科范围,包括工程和社会学。当处理国家支持的网络黑客时,专家需要了解大量因素,包括国家的心理学、动机、政治决策过程以及专业知识和资源深度。
印度与以色列和美国保有紧密的防御和经济联系。以色列和美国都是网络安全方面的领先者。印度政府应积极鼓励这些国家的网络安全公司收购在印度的业务,将它们的专业知识传递给印度本土公司,并帮助印度在该领域创立初创企业。
印度渴望成为一个世界强国,计算机软件和硬件发展的超级大国。为了实现这些愿望,印度必须首先解决技能差距并采取更长期的战略。