India has scary nuke hack

TOPICS: India, Security

WASHINGTON, June 5 - India's most sensitive nuclear weapons research facility was breached this week by computer hackers who tapped into servers to steal and erase atomic data, senior U.S. and Indian officials said Friday. The sophisticated attack on India's Bhabha Atomic Research Center in Bombay raised new alarms about the proliferation of nuclear weapons data and the security of nascent nuclear weapons programs like those in India, Pakistan and elsewhere.

The sprawling Bhabha research center houses several facilities, including a unit to extract the plutonium used in India's first nuclear test in 1974 and those which followed in April of this year at the Pokharan test site. Until Friday, the attack on the center had gone unacknowledged by officials in the United States or India. U.S. military officials told MSNBC that the incident, which began Monday night, may have originated from computers in Turkey. In response to the hack attack, the U.S. Army early Friday issued an advisory ordering Army information systems managers to monitor and/or block a series of Internet Protocol (IP) addresses suspected of being involved in the hack.

"Turkey is the primary conduit for cyber attacks," the advisory noted.

Group did it to protest tests
Reports of the hack first appeared in Wired News, an Internet site specializing in online developments. The group suspected of being behind the attack claimed credit by e-mailing allegedly purloined data to a Wired News reporter, James Glave.

The hacker group, which calls itself "Milw0rm," also hacked a cryptic message onto a Web page along with a mushroom cloud.

"Don't think destruction is cool, coz its not," the hacked inscription reads in part.

Three members of the group, who go by the handles of Savec0re, JF and VeNoMouS, told Wired News that they began their efforts Monday and did it to protest the recent nuclear tests by India. Milw0rm members claim to have downloaded five megabytes of information, including e-mails between scientists and research papers. They also claim to have completely erased data on two of six servers at the Indian facility.

A senior U.S. intelligence official says the Central Intelligence Agency has obtained the material hacked at the Bombay facility early Friday and is in the process of reviewing it.

A highly technical e-mail made publicly available by Wired News was analyzed for MSNBC by David Albright, director of the Institute for Security and International Studies. Albright says the e-mail shows evidence of civilian rather than military nuclear research. But that hardly mitigates the breach of India's security system.

India's low profile
India has not publicly commented on the attack. On Friday, in the course of an MSNBC chat, Vasundhara Raje, India's minister of state for foreign affairs, refused to comment when asked about the alleged attack. "We have no information on this right now," she said.

However, the report was verified by a senior CIA official and independently by a senior civil servant in the Indian government. None of the sources would agree to be named.

The attack is bound to prove embarrassing for New Delhi, which only Thursday was denounced along with Pakistan by the five permanent members of the U.N. Security Council for unilaterally declaring themselves nuclear weapons states. India has argued that its decision was an effort to break what it sees as a damaging monopoly on nuclear weaponry held by the United States, China, Russia, Britain and France. Pakistan acted in response to its rival, India.

US learned of attack
A source with access to senior U.S. Defense Department officials in information systems says the Defense Intelligence Agency was aware of the hack as early as Thursday. The source also said the National Security Agency monitored the hack in real time.

This source says the hackers apparently exploited a known security weakness in the Sendmail program, the software that routes e-mail from one computer to another. The source says that the Indians had known about the security hole but simply never bothered to fix it.

That information confirms Milw0rm's own claim as to how they accessed the Bhabha computers.

"They had certain things secured to the bone, and yet other things were completely obsolete," Milw0rm member Savec0re told Wired News.

According to a report on AntiOnline, a Web site that chronicles infamous computer intrusions, Milw0rm members are continuing their attacks on government computers inside India, though these attacks are on unclassified systems.

The three Milw0rm members who carried out the attack claim to be teen-agers, located in England, New Zealand and Holland, according to profiles located on the AntiOnline site. The group hasn't spoken by phone to anyone, preferring to conduct its interviews via the real-time Internet chatting system known as Internet Relay Chat, where it is easy to hide one's identity and place of origin.
