Indian Defence Cyber Agency & Defence Space Agency : Updates and Discussions

Oh well, in this case I know exactly what their capability is. They hire people on a contract basis and then these people work for them. Those who are running the department and ghanchakkers from NIC who know how to set up broadband and install updates, that's all. In the end they go to Israel for procurement of equipment (more I can't say), then they hire xyz people to work on this equipment and understand it.

There is no point in creating new cyber departments. The local guys with a Pentium and an i3 can hack into their accounts easily. If you recruit idiots from government universities on the basis of marks and not talent, then India will never be secure.
 
The nuclear power plant cyber attack may not be a hoax or propaganda, because the malware was a dropper; it can penetrate air-gapped systems. Also, the dropper variant is DTran, a North Korean APT tool infamous for their attacks.

The Govt is aware of these threats.

So it is wrong to assume that they have not prepared for such contingencies.
 
The nuclear power plant cyber attack may not be a hoax or propaganda, because the malware was a dropper; it can penetrate air-gapped systems. Also, the dropper variant is DTran, a North Korean APT tool infamous for their attacks.
This news is wrong. The KKNP 1000 MW unit is definitely offline. No idea if it is because of a cyber attack or not. It could be regular maintenance, which will carry on for 4-5 months.
Second nuclear power plant at TN's Kudankulam stops operation - ET EnergyWorld
credit - @bleed found this link.
 
It's under IAEA safeguards, isn't it?

Why infect a civilian reactor of many reactors?

Industrial competition?
The cyber attack angle is just speculation so far. There is no proof it ever happened except one Twitter account mentioning its vulnerability. Unit 2 going offline at the same time just became a hot topic of gossip. And as for the motive, it can be anything from industrial espionage to finding back doors in the system, by both friends and foes.

And the IAEA safeguard means nothing. It only installs video cameras pointing at the storage tanks where the used uranium is stored, and has a gauge modem installed at the water filtration pipes that sends info to its HQ on the quality and quantity of water filtered out (this water goes through the centrifuges to collect weapons-grade isotopes). Also, they are allowed to visit twice a year with prior notification. The Israelis hid their centrifuges by building an artificial wall at the entrance leading to that room every time inspectors from the IAEA visited.

Any closed system can be penetrated with enough resources and time. Read about a new worm design called carrier pigeon. It can transfer malware from one closed system to another using the device's own radio frequency.

Both unit 1 and unit 2 are 1000 MWe... It was unit 2 that was stopped on October 20... and they say it is now at 600 MWe... Maybe they are ramping up unit 2 now that the problem is fixed..
Maybe. I have no clue about its features. I only know their maintenance windows are for 4-5 months, sometimes even 9 months.
 
I follow the guy who posted on Twitter closely because my professional life is related to cyber security. By the way, the guy never mentioned the nuclear power plant; he tweeted about a unique hard-coded command line which has a username and password defined, and also an internal IP address of that network. The username was controler//KKNPP, which may be short for Kudankulam Nuclear Power Plant. Even the virus submission happened from India; that's why I said it may not be solely propaganda. We can't blindly take everything said by the authorities; they said the same about Aadhaar: when hackers showed 3 TB of data, the government said it was secured by a 10-foot wall. Yes, I am aware that the Kudankulam plant was standalone and doesn't have any Internet or intranet connection, but Stuxnet (aka Operation Olympic Games), which attacked Iran, infected through a pen drive. Air-gapped systems (systems not connected to the Internet) are not fully secure from hackers.
 
It's true that the agencies can be giving wrong info with respect to the hacking, but they cannot lie about the functioning of the reactor..... In the press release they do mention the output of both reactors and also the power generation status.... So even if the hacking story is true, power output was not affected...
 

My fear became reality.

src: NCPIL takes U-turn, admits cyber attack on Kudankulam nuclear plant – Indian Defence Research Wing
 
This is happening on November 25:

Isro to launch Cartosat-3 on November 25, 2 satellites in December to boost military’s space surveillance | India News - Times of India

From an old presentation, both projects have been delayed by a year:


Look at the solar panel configuration of the Cartosat-3. It is quite unique. I wish I had better quality images of the sat.
 
Group IB report highlights cyberspace weaponisation in 2019. India is at it too

By Nirmal John
Dec 04, 2019, 03.22 PM IST


It is nearly 2020 and the fear of a global digital dystopia is increasingly becoming real.

A newly released report from Singapore-based threat-intelligence firm Group IB underlines what has been brewing in cybersecurity over the last few years — the dominance of the nation state as the primary threat actor.

“The leading and most frightening trend of 2019 was the use of cyber-weapons in military operations,” the report says.

It says that there were 38 groups of state-sponsored attackers that were active over the last one year, with seven of these being new cyber-espionage groups whose activities were discovered this year.

Two of these groups, the report says, were sponsored by the Indian state and are called BITTER and Sidewinder. Both of these groups were primarily active in the Apac region, but further details remain unpublished.


Talking to The Economic Times, the founder and chief executive Ilya Sachkov stressed the need for multilateral dialogue and cooperation to address the growing weaponisation of cyberspace.

The report says that the use of cyberweapons and its real-world impact has become all too real with three incidents in particular — the cyber sabotage of the Simon Bolivar Hydroelectric plant and the resultant blackout in Venezuela in March; the US cyberattack on the Iranian Revolutionary Guards in June; and the Israeli missile strike on a building in the Gaza Strip, allegedly used by Hamas hackers to carry out cyberattacks.

The report also highlights an increased volume of attacks targeting the telecommunications and energy sectors. It also talks about Lazarus, a North Korean sponsored group, hitherto known for its attacks on financial services companies, targeting an Indian energy facility (likely the Kudankulam Nuclear Power plant, although the report doesn’t specify it), indicating their “military’s growing interest in this type of attack”.

The US, Russia, North Korea, Pakistan, China, Vietnam, Iran, UAE, Turkey, and South America were the other regions from where state-sponsored attacks are believed to have originated.

Group IB is forecasting the situation to worsen further with possible attack scenarios, including cutting connectivity in a country completely and attacks on domain-name registrars. Things could get especially bad for the telecommunication sector, with the advent of 5G and the increase in the number of connected devices.

Group IB CTO and co-founder Dmitry Volkov says the findings of the report must make everyone in cybersecurity review their threat models. “Attribution is never easy, but it is always possible to attribute attacks based on the knowledge you have,” he added.

The report is the result of Group IB’s own threat intelligence, combined with threat intelligence from other cybersecurity companies.

 
India has no plans for another anti-satellite missile test, but will improve tech

India proved its A-SAT capability on 27 March when it knocked off one of its own satellites 300 km in space. However, the Chinese threat still persists.


By Snehesh Alex Philip, 5 December, 2019 5:13 pm IST

File photo of the A-SAT missile launch | PIB India

New Delhi: India is not planning to carry out a second test of its anti-satellite (A-SAT) missile, either in lower or higher orbits, after the maiden test earlier this year ticked off all the check boxes, ThePrint has learnt.

However, work will continue on improving the missile and technology, said sources.

“There is no second A-SAT test that is being planned. The first test was fully successful. We have proven our capability to the world. Fine-tuning of the systems will of course take place to provide it with more lethality,” a top government official told ThePrint.

India had successfully test-fired an anti-satellite missile on 27 March, knocking off one of its own satellites 300 km in space, thereby joining a small group of countries — the US, Russia and China — to possess such a capability.

Soon after, Defence Research and Development Organisation (DRDO) Chairman G. Sateesh Reddy ruled out future A-SAT missile tests in the lower Earth orbit, but hinted at keeping the options open for possible experiments in higher orbits.

Reddy said the interceptor used for the A-SAT missile test had the capability to hit targets 1,000 km away, but DRDO had intentionally chosen the target at an altitude of 283 km to prevent the creation of space debris.

The interceptor missile was a three-stage missile with two solid rocket boosters.

While there are other ways to demonstrate A-SAT capabilities such as “fly-by tests” and jamming, India had relied on the “kinetic kill technology”.

The main challenger

Officials have said in the past that Indian scientists moved towards the A-SAT test after China proved its capabilities in space and conducted the test in 2007 at an altitude of 865 km.

The Indian A-SAT technology came as a by-product of the Ballistic Missile Defence Programme.

In the mid-2000s, India secured Swordfish, an Indian active electronically scanned array (AESA) long-range tracking radar, specifically developed to counter the ballistic missile threat.

The radar is a derivative of the Israeli Green Pine long-range radar, which is a critical component of the country’s Arrow missile defence system.

During trials for the anti-ballistic missile systems, DRDO noticed that the radar was so powerful that it could even track satellites in lower Earth orbits of about 600 km.

When China carried out its test, the DRDO rushed to the government stating that it too could develop such a missile.

Given the wide condemnation that China attracted, the DRDO was asked by the government to focus on the anti-ballistic missile systems.

Chinese threat

While India has proved its space capabilities now, the Chinese threat persists.

In a review of Indian A-SAT missile test, think tank Carnegie Endowment for International Peace said the Chinese counter-space strategy since 2007 has clearly shifted in the direction of emphasising nondestructive means of space denial whenever possible.

“The available evidence suggests that China is currently pursuing several different alternatives, all of which singly or in combination would deeply threaten India’s ability to use space for civilian or military purposes in crises or in wartime,” it said.

It also noted that China’s counter-space capabilities are wide-ranging, highly diverse, and span the entire intersection of lethality and reversibility.

This includes capability to carry out sophisticated cyber attacks directed at ground stations with the intent of either corrupting or hijacking the telemetry, tracking, and command systems used to control various spacecraft on orbit.

“They also involve huge investments in developing ground-, air-, and space-based radio frequency jammers that target the uplinks, downlinks, and crosslinks involved in either the control of space systems or the transmission of data arising from various space system activities,” the think tank said.

(Edited by Amit Upadhyaya)

 
India plans to mandate cyber security measures for power grids

Bloomberg| Jan 21, 2020, 02.11 PM IST
By Anjali Venugopalan


India’s electricity grid operators will have to install firewalls and other measures used by companies to avert an attack on their information technology systems and check rising hacking incidents of power networks across the world.

Grid operators and regulatory agencies will need to have a continuity plan handy in the event of a cyber attack, according to draft rules published by the Central Electricity Regulatory Commission. The move is part of an overhaul of the decade-old guidelines.

The report comes barely months after the nation’s monopoly nuclear power producer admitted its information system had been breached, underscoring the need for more action to protect critical installations. Energy networks across the world have been key targets for hackers, prodding governments to take safeguard measures.

The draft report advises central and state transmission utilities and load dispatch centers to ensure protection of sensitive data and identify reserve transmission capacities that can take over in case of a disruption apart from regular monitoring of risks. It also recommends that these bodies prioritize resources and allocate adequate workforce for online security.

To deal with malware, India protects its central power grid through multiple firewalls and has isolated it from office networks, power minister R.K. Singh told lawmakers in parliament last month.

The country has been a target of cyber attacks, with 529 federal and state government websites being hacked since 2016, according to information technology minister Ravi Shankar Prasad.

(--With assistance from Archana Chaudhary.)

 