The public has a vital role to play in preventing future cyber attacks



File 20180417 101464 vorjds.jpg?ixlib=rb 1.1
Numerous cyber attacks in recent years have targeted common household devices, such as routers.
Shutterstock

Sandeep Gopalan, Deakin University

Up to 400 Australian organisations may have been snared in a massive hacking incident detailed today. The attack, allegedly engineered by the Russian government, targeted millions of government and private sector machines globally via devices such as routers, switches, and firewalls.

This follows a cyber attack orchestrated by Iranian hackers revealed last month, which targeted Australian universities.




Read more:
Explainer: how internet routers work and why you should keep them secure


A joint warning by the US and UK governments stated that the purpose of the most recent attack was to:

… support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.

The Russians’ modus operandi was to target end-of-life devices and those without encryption or authentication, thereby compromising routers and network infrastructure. In doing so, they secured legitimate credentials from individuals and organisations with weak password protections in order to take control of the infrastructure.

Cyber attacks are key to modern conflict

This is not the first instance of Russian aggression.

The US city of Atlanta last month was crippled by a cyber attack and many of its systems are yet to recover – including the court system. In that case, attackers used the SamSam ransomware, which also uses network infrastructure to infiltrate IT systems, and demanded a ransom payment in Bitcoin.

Baltimore was hit by a cyber attack on March 28 that disrupted its emergency 911 calling system. Russian hackers are suspected to have taken down the French TV station TV5Monde in 2015. The US Department of State was hacked in 2015 – and Ukraine’s power grid and military infrastructure were also compromised in separate attacks in 2015 and 2017.

But Russia is not alone in committing these attacks.

In December 2017, North Korean hackers were blamed for the WannaCry attack that infected over 300,000 computers in 150 countries, affecting hospitals and banks. The UK’s National Health Service was particularly bruised and patients had to be turned away from surgical procedures and appointments.

Iran has conducted cyber attacks against numerous targets in the US, Israel, UAE, and other countries. In turn, Iran was subjected to a cyber attack on April 7 that saw computer screens display the US flag with the warning “don’t mess with our elections”.

Prosecuting hackers is ineffective

The US government has launched prosecutions against hackers – most recently against nine Iranians for the cyber attacks on universities. However, prosecutions are of limited efficacy when hackers are beyond the reach of US law enforcement and unlikely to be surrendered by their home countries.

As I have written previously, countries such as Australia and the US cannot watch passively as rogue states conduct cyber attacks against targets within our jurisdiction.




Read more:
Is counter-attack justified against a state-sponsored cyber attack? It’s a legal grey area


Strong countermeasures must be taken in self defence against the perpetrators wherever they are located. If necessary, self defence must be preemptive – any potential perpetrators must be crippled before they are able to launch strikes on organisations here.

Reactive measures are a weak deterrent, and our response should include a first strike cyber attack option where there is credible intelligence about imminent attacks. Notably, the UK has threatened to use conventional military strikes against cyber attacks. This may be an overreaction at this time.

Educating the public is essential

Numerous cyber attacks in recent years – including the current attack – have targeted common household devices, such as routers. As a result, the security of public infrastructure relies to some extent on the security practices of everyday Australians.

So, what role should the government play in ensuring Australians are securing their devices?

Unfortunately, cybersecurity isn’t as simple as administering an annual flu shot. It’s not feasible for the government to issue cybersecurity software to residents since security patches are likely to be out-of-date before the next attack.

But the government should play a role in educating the public about cyber attacks and securing public internet services.

The city of New York has provided a free app to all residents called NYC Secure that is aimed at educating people. It is also adding another layer of security to its free wifi services to protect users from downloading malicious software or accessing phishing websites. And the city of Jonesboro, Georgia is putting up a firewall to secure its services.




Read more:
Artificial intelligence cyber attacks are coming – but what does that mean?


Australian city administrations must adopt similar strategies alongside a sustained public education effort. A vigilant public is a necessary component in our collective security strategy against cyber attacks.

This cannot be achieved without significant investment. In addition to education campaigns, private organisations – banks, universities, online sellers, large employers – must be leveraged into ensuring their constituents do not enable attacks through end-of-life devices, unsupported software, poor password protection policies and lack of encryption.

Governments must also prioritise investment in their own IT and human resources infrastructure. Public sector IT talent has always lagged the private sector due to pay imbalances, and other structural reasons.

It is difficult for governments to attain parity of technical capabilities with Russian or North Korean hackers in the short term. The only solution is a strong partnership – in research, detection tools, and counter-response strategies – with the private sector.

The ConversationThe Atlanta attack illustrates the perils of inaction – an audit report shows the city was warned months in advance but did nothing. Australian cities must not make the same mistake.

Sandeep Gopalan, Pro Vice-Chancellor (Academic Innovation) & Professor of Law, Deakin University

This article was originally published on The Conversation. Read the original article.

Advertisements

New, More Dangerous Hindu Extremist Groups Emerge in India


Christians concerned as rightwing factions splinter to form militant outfits.

PUNE, India, October 29 (CDN) — After more than a decade of severe persecution, India’s Christian minority is growing increasingly concerned over the mushrooming of newer and deadlier Hindu extremist groups.

Gone are the days when Christians had to watch out only for the Vishwa Hindu Parishad (World Hindu Council) and its youth wing, Bajrang Dal, which are closely linked with the most influential Hindu extremist umbrella organization, the Rashtriya Swayamsevak Sangh (RSS). With voter support faltering for the RSS’s political wing, the Bharatiya Janata Party (BJP), moderate and extremist sections within the Hindu nationalist movement are blaming each other, and militant splinter groups have emerged.

Claiming to be breakaway factions of the RSS, new groups with even more extreme ideology are surfacing. The Abhinav Bharat (Pride of India), the Rashtriya Jagran Manch (National Revival Forum), the Sri Ram Sene (Army of god Rama), the Hindu Dharam Sena (Army for Hindu Religion) and the Sanatan Sanstha (Eternal Organization) have launched numerous violent attacks on Christian and Muslim minorities.

The Sri Ram Sene was one of the most active groups that launched a series of attacks on Christians and their property in and around Mangalore city in the southern state of Karnataka in August-September 2008, according to a report, “The Ugly Face of Sangh Parivar,” published by the People’s Union of Civil Liberties (PUCL), in March 2009. In Jabalpur city in the central state of Madhya Pradesh, suspected extremists from the Abhinav Bharat attacked the Rhema Gospel Church on Sept. 28, according to the Global Council of Indian Christians. They had earlier attacked Pastor Sam Oommen and his family in the same city on Aug. 3.

The Hindu Dharam Sena has become especially terrifying for Christians in Jabalpur. Between 2006 and 2008, Jabalpur was plagued by at least three anti-Christian attacks every month, according to The Caravan magazine. In the western state of Gujarat and other parts of the country, the Rashtriya Jagran Manch has also violently attacked Christians, according to news website Counter Currents.

At an ecumenical meeting held in New Delhi on Saturday (Oct. 24), the secretary general of the Catholic Bishops’ Conference of India, Archbishop Stanislaus Fernandes, said the rise of fundamentalism was “seriously worrying” the church in India. The meeting was held to discuss prospects for immediate enactment of federal legislation to counter religious extremism with the proposed Communal Violence (Prevention, Control and Rehabilitation of Victims) Bill.

RSS ‘Too Mild’

The new groups, formed mostly by former members of RSS-connected outfits, find the Hindu nationalist conglomerate too “mild” to be able to create a nation with Hindu supremacy.

The Sri Ram Sene, mainly active in south India, was started by Pramod Muthalik after he was expelled in 2007 from the Bajrang Dal, one of the most radical groups in the RSS family, for being an extremist, according to the daily newspaper DNA. The Hindu Dharam Sena was started by Yogesh Agarwal, former worker of the Dharam Jagran Vibhag (Religion Revival Department) of the RSS, also in 2007, as he felt “the RSS did not believe in violence,” according to The Caravan. He had earlier launched the Dharam Sena, an offshoot of the RSS, in Madhya Pradesh and neighboring Chhattisgarh state in 2006.

The founding members of the Abhinav Bharat, which was started in Pune in 2006, also believe that the RSS is not militant enough. Outlook magazine notes that its members were planning to kill top leaders of the RSS for their inability to implement Hindu extremist ideology. The Rashtriya Jagran Manch, also a breakaway group of the RSS founded in 2007, has close links with the Abhinav Bharat.

Based out of Goa, a western state with a substantial number of Christians, the Sanatan Sanstha provides the ideological base for Hindu militant groups. It has close links with the Sri Ram Sene and publishes a periodical, Sanatan Prabhat, which occasionally spews hate against Christians.

Media reports warn of tensions due to the recent spurt in activity of the splinter groups.

“The hardliners are now getting into more extreme activities,” The Times of India daily quoted V.N. Deshmukh, former joint director of India’s Intelligence Bureau, as saying on Oct. 21.

The most extremist sections are disillusioned with the way the RSS is functioning, said Mumbai-based Irfan Engineer, Director of the Institute of Peace and Conflict Studies. Most RSS cadres were mobilized with an ideology that called for elimination of minorities, mainly Muslims and Christians, he told Compass, adding that many of them were highly disappointed with the way the movement was being led.

He said the BJP was restricted when it led a coalition government at the federal level from 1998 to 2004, keeping it from effectively working towards a Hindu nation. A majority of the BJP’s allies in the National Democratic Alliance were not Hindu nationalists.

“One section of the [Hindu nationalist] movement believes in acquiring state power by participating in parliamentary democracy, and the other wants to create a Hindu nation by violent means,” Engineer said.

It is believed that the divide within the RSS family may deepen even further.

Analysts believe that Hindu nationalism is losing relevance in national politics, as was evident in the two successive defeats of the BJP in the 2004 and 2009 general elections. Consequently, the RSS and the BJP may distance themselves from the hard-line ideology or make it sound more inclusive and less militant.

After this year’s elections, the RSS increasingly has begun to talk about the threat China poses to India and the need for development in rural areas, instead of its pet issues like Islamist terrorism and Christian conversions. This has disappointed sections of the highly charged cadres even more, and the splintering may accelerate.

For the next few years, “we will see more new names and new faces but with the same ideology and inspiration,” said Anwar Rajan, secretary of the PUCL in Pune.

Whether the new groups truly have no connection with the RSS is not fully known – that appearance may be an RSS strategy to evade legal action, said Dr. Asghar Ali Engineer, chairman of the Centre for Study of Society and Secularism in Mumbai.

He said relations between the RSS and the new groups can be compared with the ones between Maoist (extreme Marxist) rebels and the Communist Party of India-Marxist (CPI-M) in India. While the CPI-M distances itself from Maoist violence, it speaks for the rebels whenever security forces crack down on them.

At base, the newer rightwing groups surely have the sympathy of the RSS, said Pune-based S.M. Mushrif, former Inspector General of Police in Maharashtra, who has been observing Hindu extremist groups for years.

Report from Compass Direct News 

BANGLADESH: MUSLIM VILLAGERS BEAT EVANGELISTS IN SOUTHEAST


Nearly four months later, Christian worker still suffering nerve damage.

FULGAZI, Bangladesh, June 1 (Compass Direct News) – Nearly four months after Muslim villagers in this southeastern Bangladesh sub-district furiously beat two evangelists for showing the “Jesus Film,” one of the Christians is still receiving treatment for nerve damage to his hip.

Christian Life Bangladesh (CLB) worker Edward Biswas, 32, was admitted to Alabakth Physiotherapy Centre on May 5. Dr. Mohammad Saifuddin Julfikar told Compass that injuries Biswas sustained from the Feb. 8 attack in Feni district, some 150 kilometers (93 miles) southeast of Dhaka, had led to neurological complications in his hip.

“His hip joint was displaced, and one bone in the hip was fractured,” Julfikar said.

Biswas told Compass that he and 21-year-old Dolonmoy Tripura first showed the film on Feb. 7 in a home in Chandpur village, where they also taught the more than 200 poor and mostly illiterate viewers about the dangers of arsenic in water, mother-and-child health care and AIDS prevention. United Nations Children’s Fund reports say more than 30 million people are exposed to high levels of arsenic in water in Bangladesh and India.

Azad Mia of the same village requested they show the film at his house the following day. They went to his home the evening of Feb. 8, but because one of Mia’s family members was ill they were unable to screen the film. As they returned home, Biswas said, some villagers told them to show the film at their home; the two evangelists suspected a trap.

“At first they tried to sweet-talk us into going to their house,” Biswas said. “On our refusal to show the film, they tried to force us to go. I smelled a rat and again refused to go. Later they forcefully took us deep inside the village.”

About 20 people gathered and began beating them, he said.

“Some of the elders of the village told them to release us, but they were adamant to see the movie,” Biswas said. “They took us to a schoolyard, where we showed the ‘Jesus Film’ under tremendous compulsion. After showing 20 minutes of the first reel of the film, Muslim villagers again started beating us as we were lying on the ground. They punched and kicked us.”

While 15 to 20 Muslims struck them, approximately 200 others present for the screening looked on, he said. The villagers also beat a Muslim who had transported the CLB workers about the village on a three-wheel rickshaw for the showing of the film.

The assailants also destroyed the film projector, generator, microphone and the four reels of the film, Biswas said.

“Several days after the beating, I came to know from some villagers that a family had become Christian around 10 years ago in the neighboring village, “Biswas said. “All the villagers were angry, and they evicted that family from the village.”

The attack was pre-planned, with the showing of the film seen as a legitimate pretext for beating them, he said. They also threatened Daud Mia, a Muslim villager who had allowed them to show the film in his house the previous day, said Biswas.

CLB Area Supervisor Gabriel Das took Biswas and Tripura to a local doctor for treatment. CLB Chairman Sunil Adhikary expressed concern about freedom of religion and the rights of minorities provided in the country’s constitution.

“The beating was a flagrant violation of our rights,” said Adhikary. “They showed the film, but they did not force anyone to be converted. We forgave the attackers and showed them the love of our God.”

Since 2003 at least three CLB workers in Bangladesh have been killed – likely by Islamic extremists, say police and local officials – and several hundred have been injured.

In April Prime Minister Sheikh Hasina Wazed spoke about freedom of religion, democratic governance and equal opportunity in Bangladesh with Gerard Valin, vice-admiral of the French Navy and commander of the French Joint Forces in the Indian Ocean, who was visiting the country. Hasina told the commander that Bangladesh would protect religious freedom for all faith groups, as well as ensure freedom of expression for all minorities.

Report from Compass Direct News