Even as Chinese and Pakistani online espionage agents continue their
attempts to hack into Indian computer systems, hostile intelligence
agencies are also trying to steal defence secrets through use of
computer storage media (CSM) devices like pen drives, removable hard
disks, CDs, VCDs and the like.
The Intelligence Bureau has sounded a red alert about “intelligence
officers of a hostile country” encouraging their “assets” working in
Indian defence establishments to use CSM devices to pilfer classified
information from computer networks.
“There have been reports of increasing number of incidents of leakage
of data/documents in defence establishments through the use of pen
drives and other digital storage devices,” says the security alert,
issued to the defence ministry as well as the Army, Navy and IAF HQs.
Consequently, MoD has ordered a thorough review of the entire policy on
“the entitlement and usage of CSM devices” in its different
establishments, said sources.
While acknowledging the functional necessity to allow some officers to
use such devices, MoD has asked for a comprehensive directorate-wise
list of pen drives, laptops and internet connections being used in its
This comes even as the Army is conducting a court of inquiry against a
major posted in the strategically-located Andaman and Nicobar Command,
who had stored over 2,000 classified and sensitive documents on his
personal computer which was “hacked” from Pakistan earlier this year.
While the major has been cleared of espionage charges, the probe dwells
upon how he was in the “unauthorised” possession of so many secret
documents, normally handled by much senior officers, and why he
violated cyber-security guidelines, which expressly prohibit such files
from being stored on a computer with internet connectivity.
With cyber-warfare being a top military priority for China, its online
espionage agents frequently break into sensitive Indian computer
networks. A group of Canadian and American cyber-security researchers
in their recent report `Shadows in the Cloud’, in fact, held
China-based hackers were regularly accessing classified documents from
several Indian defence and security establishments, as reported by TOI
MoD, however, says “only certain internet-facing computers, which had
no sensitive defence data, were compromised” by the Chinese hackers.
To prevent such incidents from recurring, “a crisis management plan”
has been worked out “for measured response in case of any untoward
The Defence Information Assurance and Research Agency (DIARA), a nodal
agency mandated to deal with all cyber-security matters, for instance,
is working closely with national agencies like the Computer Emergency
Response Team and the National Technical Research Organisation. The
armed forces, on their part, are also on a high alert to guard against
“focussed large-scale cyber attacks” on their networks