Dragon’s Wicked Web of Cyber Snooping

The internet world has brought every individual on one platform where it has become easy to communicate and collect the information. However, it is also true that this world is most vulnerable and no body can claim that his/ her data or privacy is safe and secure.

Recently The Indian Express in its investigation revealed that a Shenzen-based technology company with links to the Chinese government, and the Chinese Communist Party are monitoring over 10,000 Indian individuals and organisations.

According to The Indian Express report, the prominent people in India being tracked are, President Ram Nath Kovind, Prime Minister Narendra Modi, Congress interim President Sonia Gandhi and their families; Chief Ministers Mamata Banerjee, Ashok Gehlot and Amrinder Singh to Uddhav Thackeray, Naveen Patnaik and Shivraj Singh Chouhan; Cabinet Ministers Rajnath Singh and Ravi Shankar Prasad to Nirmala Sitharaman, Smriti Irani, and Piyush Goyal; Chief of Defence Staff Bipin Singh Rawat to at least 15 former Chiefs of the Army, Navy and Air Force; Chief Justice of India Sharad Bobde and brother judge AM Khanwilkar to Lokpal Justice P C Ghose and Comptroller and Auditor General G C Murmu; start-up tech entrepreneurs like Nipun Mehra, founder of BharatPe (an Indian payment app), and Ajay Trehan of AuthBridge, an authentication technology firm, to top industrialists Ratan Tata and Gautam Adani.

Not only in India, UK politicians – including Prime Minister Boris Johnson  – royals, religious leaders, military officers and their families are also being tracked by this Shenzen-based Chinese technology company.

Against this backdrop, the government has set up an expert committee under the National Cyber Security Coordinator to study reports. Ministry of External Affairs (MEA) has also raised the issue of Zhenhua Data Information Technology Co, spying on prominent Indians, with the Chinese Ambassador in India.

Here it is worth mentioning that hundreds of Chinese apps were recently banned by the government  over security concerns and the same being followed by other countries. Even many countries in the world are banning Chinese Huawei and ZTE over security concerns. Recently,  US President Donald Trump  extended ban on Chinese tech firm Huawei for a further year. The UK government also   announced to remove the Chinese phone-maker Huawei from the UK’s 5G mobile networks.

Christopher Balding, Professor, Fulbright University, Vietnam, who had shared this information to The Indian Express, The Australian Financial Review, Italy’s Il Foglio and The Daily Telegraph, London, talked exclusively with Uday India on this issue.  He said that China used Zhenhua as an outside contractor. They collected a variety of data and created one large database. The Chinese government appeared to access this data via military, security, intelligence, and foreign affairs linked government agencies.

“The data came from multiple open sources though we believe approximately 10-20% of the data comes from non public sources. The public sources are everything from Facebook to corporate websites with biographical data on individuals,” Prof Balding added. Replying on any probability of China stealing data through its propaganda websites, Prof Balding said, “We do not have evidence that indicates this.”

Dr. Anup Girdhar, Cyber Crime Investigator and CEO, Sedulity Solutions & Technologies, also talked exclusively on this issue. Dr Girdhar said that in pandemic COVID-19, the work-from-home culture was initiated, by most of the organisations. It generates an opportunity for hackers to target corporate networks via end user machines.  Digital snooping is one of the ways opted by them to penetrate corporate networks/connections. Most of the employees are working from unsecured networks/digital gadgets like mobile phones, laptops, tablets, smart TVs, Wi-Fi, etc. It is quite easy for them to deploy malicious applications for screen capturing, sound recording, capturing keystrokes, mouse activities, Geo Locations, Digital Identity Theft, etc.

“Due to snooping many cybercrime incidents raised in these days and the users become the victim of the privacy breach. Technically, anonymous activities have been identified and logged from the trusted devices on VPN’s as well. Ideally, it’s a zero-day vulnerability, which is not easy to implement the defensive policies/procedures spontaneously. Moreover, internal IT security policies failed to control such attacks and the impact was servers hijacking, data theft, user’s credentials theft/ misused, and Financial Frauds, etc. “To stop the Hacker is to think like one”. This is one of the most effective and adaptive procedures/ policies to mitigate such attacks. Instead of Block/Allow services, it’s better to analyse the behaviour of all the events triggered by the trusted and untrusted user accounts and correlate with the IP address, ISP, device details, etc. used by the specific users.  It is also important to analyse the events with timestamps and the frequency of the types of transactions or accessing, modifying the files, etc. In case if any activities are found suspicious, then it is highly recommended to suspend the user services for a particular period automatically and cross-check with all the security parameters on a real-time basis. Further log analysis is also important to confirm incidents and produce evidence. Such security policies also need to be implemented on the client-side as well to mitigate the risk and secure themselves from various contingencies,” Dr. Anup Girdhar further added.

Having said that, now when the data has been integral part of national security, it is now a bigger challenge for the government to fight this invisible cyber war.