Govt carefully looking into hacking of sensitive data

The government is "very carefully" looking into reports of hacking of sensitive data at the National Security Council Secretariat and other key ministries by some Chinese computer network.

Investigations have suggested that computers in the secretariat were infected which made them vulnerable to Chinese hackers who managed to access sensitive documents. "There are reports. We are looking into it very carefully," Home Minister P Chidamabaram said.

According to a Canadian firm SecDev Group, which investigated the hacking of the Dalai Lama's computer in late 2008, as many as 12 computers of NIC had been affected by activities of Chinese hackers.

The investigation report said the GhostNet system directs the infected computers to download a Trojan, known as ghost RAT, which allows attackers to gain complete, real-time control. The ghost RAT is consistently controlled from commercial internet access accounts located on the island of Hainan in China.

The report surprised the government as it mentioned that computers in nine Indian Missions abroad which included key countries like the US and the UK had been penetrated by the Chinese hackers.

An email message arrives in the target's inbox carrying the malware in an attachment or web link. The attackers' objective is to get the target to open the attachment or malicious link so that the malicious code can be executed, it said.

"Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras."

"China is actively developing an operational capacity in cyberspace, correctly identifying it as the domain in which it can achieve strategic parity, if not superiority, over the military establishments of the United States and its allies."

"Chinese cyber warfare doctrine is well developed, and significant resources have been invested by the People's Liberation Army and security services in developing defensive and offensive capabilities," the report said.

The report said that at least 14 documents, including two marked secret, were stolen from NSCS computers.

"The exfiltrated documents focus on India's security situation in the states of Assam, Manipur, Nagaland and Tripura as well as the Naxalites, Maoists, and what is referred to as 'left wing extremism'," the report said.