Cyber Attacks The good guys in cyberspace

BANGALORE, INDIA: The recent 'Secureworks Information Security World Cup' research says that India was the origin of the lowest number of cyber attacks (52 attacks per 1,000 PCs) among the countries surveyed, and thus topped the list. The worst was the USA, with 1,660 attacks per 1,000 PCs, and South Korea was ahead of the USA. China was #10, as the origin of 201 cyber attacks per 1,000 PCs.

So is that a good thing? You'd think so, as did media reports.

I'd call it a mixed blessing (I forget: just what is the antithesis of "a blessing in disguise”?).

Topping this list means we're sort of the good guys in the cyber-attack world. We don't do that sort of thing. But the good guys don't always win wars. For this also means we don't have much practical knowledge, as a country, on cyber attacks, or about protecting ourselves against them.

Also read: Hacking:India needs to step up cyber offensive

Take China, which is so very proficient in this arena. They don't want to be the good guys. They want to win the war. Whether it's a cyber war, which is not infrequent in limited doses, or a regular war--if that happens, at whatever scale--for any conventional war will be actively enabled and assisted by the cyber world. Or disabled by it. For instance, a cyber attack that disables targeting systems, or kills our ability to distinguish between the good guys and the bad, in a distributed battle. Imagine if fighter aircraft had their IFF (identify friend or foe) capability interfered with?

One reason for our low position in attack origins (and thus our high position in the list) is our low PC/internet penetration in the general population: most PCs are institutional, enterprise, government, or military. And none of these setups are likely to originate cyber attacks. Not even the Indian military.

Contrast that with China. Again, the PC/internet penetration is not very high in the general population, though it is higher than in India. But there is a concerted, formal, military doctrine of cyber dominance in the PRC. And they practice it like religion. The flood of cyber attacks that originate from China are often from military areas. Couple that with the fact that China has a vast population of freelance "hackers" (often encouraged by the establishment) and you can understand why

China is so high up there in the cyberattack origins list (or low on this list).

Also read: US building system to detect cyber attacks

Why is China No. 10 and not even further down? Well, as you'd expect, the number of cyberattacks should be a function of the PC/internet penetration in the general population, and the history of a hackers and developer community in the given country. The US is of course way on top of that list. Followed by South Korea, which has very high broadband population. Going by India and China's low PC/internet penetration in the population, you'd expect both to be very low on the cyberattack origin list and thus high on this list. India lives up to that expectation. But China makes up for that with its strong doctrine of cyberwarfare. As I have covered in a column earlier which got picked up by hundreds of websites and blogs.

So we need to get a lot savvier on the cyber-attack front. It isn't good enough working on an analysis and defense system, as the Indian Department of Infotech's CERT is doing. We need attack capability.

Our military isn't doing it (as with nuclear weapons) you can't develop these capabilities without testing them. And the data shows there isn't enough testing happening from India. Which leaves it to us to draw inspiration from the China model, of encouraging a shadowy group of freelance hack.