CMYK
Technology
Tech as Deadly Tool
To use or not to
use - that’s the
Cyber Question!
- Vicky Shah
A decade ago we
were afraid of
aircrafts causing
d a m a g e t o
infrastructure; today
we are afraid of
software and
technology that can
be used to cause
damage. The World
of Technology is
almost seven times
faster than the real world. There is no doubt that
technology is a double edged sword. With good
comes evil and the realty is that technology can be
misused. The ease that technology provides makes
it the best tool to be used by everyone. This is a
global issue and not only specific to India.
Borderless incidents and activities have become
difficult to regulate.
According to the Anti-Terrorist Act - 1985 a terrorist
is “a person who indulges in wanton killing of
persons or in violence or in the disruption of
services or in damaging property or disrupting
means of communication essential to the
community with a view of putting the public in fear
affecting adversely the harmony between religions
of different races, coercing or awing the
government established by law or endangering the
sovereignty and integrity of India.”
According to Information Technology Act 2000
(Amendments) 2008 Sub-section 66F there is
punishment for cyber terrorism up to life
imprisonment. Cyber terrorism is defined as
causing denial of service, illegal access,
introducing a virus in any of the critical information
infrastructure of the country defined u/s 70 with the
intent to threaten the unity, integrity, security or
sovereignty of India or strike terror in the people or
any section of the people; or gaining illegal access
to data or database that is restricted for reasons of
The Mumbai PROTECTOR
the security of state or friendly relations with foreign states.
Section 66 F: A. Whoever with intent to threaten the unity,
integrity, security or sovereignty of India or to strike terror in
the people or any section of the people by
i. Denying or cause the denial of access to any person
authorised to access computer resource; or
ii. Attempts to penetrate(enter) or access a computer
resource without authorization or exceeding authorised
access; or
iii. Introducing or causing to introduce any computer
contaminant, and by means of such conduct causes or is
likely to cause death or injuries to persons or damage to or
destruction of property or disrupts or knowing that it is
likely to cause damage or disruption of supplies or services
essential to the life of the community or adversely affect the
critical information infrastructure specified under section
70, or
B. knowingly or intentionally penetrates(enters) or
accesses a computer resource without authorisation or
exceeding authorised access, and by means of such
conduct obtains access to information, data or computer
database that is restricted for reasons for the security of the
State or foreign relations; or any restricted information,
data or computer database, with reasons to believe that
such information, data or computer database so obtained
may be used to cause or likely to cause injury to the
interests of the sovereignty and integrity of India, the
security of the State, friendly relations with foreign states,
public order, decency or morality, or in relation to
contempt of Court, defamation or incitement to an
offence, or to the advantage of any foreign nation, group
of individuals or otherwise, commits the offence of cyber
terrorism.
There is an old truism - we cannot stop progress. The
truism has been used to justify investments in technologies
that could potentially not only harm people but wipe out
March - April 2010 66
CMYK
 CMYK
Technology
the entire planet. While we cannot stop the
progress, we still should think carefully about
the consequences of the technologies that we
invent.1
“A computer keyboard can be a very useful
tool for the progress of humanity, but it can
also become a dangerous weapon capable
of producing enormous economic damages
to the infrastructure of a state or company,
and even against the integrity and the life of
human beings” - Secretary General Cesar
Gaviria, OAS, Us2
Technology Platforms that have been
misused:
• Social Networking Sites • Blogs • Email
Services • SMS Services • VoIP • GPS and
GIS based Applications and Equipments
Growing Challenges faced by India:
• Exponential growth of Internet and Mobile
Phone use
• 3G technology to be started very soon
• Interconnected business and government
• E-governance growth has implications for
Information Security, Privacy and Cyber
Security
• Income Tax, Excise, Customs, Sales tax
networks connected
• Smart cards, UID being issued
• Land records computerized
• Police networks
• Defense is no longer arms & ammunition
The Mumbai PROTECTOR
but GPS & networks
Recent Past Incidents where technology was misused:
• 26/11: Global Positioning Satellite systems, Blackberry, CDs
with high resolution satellite images, Multiple cell phones with
switchable SIM cards, Satellite phones
• September 13, 2008: Indian Mujahideen militants used
unsecured WiFi system of a company in Chembur.
• August 2008: A stray terror e-mail was traced to the Khalsa
College, Matunga, Mumbai.
• July 2008: E-mails were sent before and after the Ahmedabad
blasts. One was traced to Navi Mumbai and the other to an IP
address in Vadodara.
• May 2008: A terror e-mail was sent before the Jaipur blasts
from a cyber cafe in Ghaziabad.
• November 2007: Serial blasts in Lucknow, Varanasi, and
Faizabad courts in UP. The terror e-mail was sent by Indian
Mujahideen (IM) from a cyber café in Laxmi Nagar, Delhi.
(Source: Internet and Newspapers)
The Wi-Fi misuse could have easily prevented had the
users/or their network administrators would have been
alert and careful in securing the connections. It only takes
following steps to secure a Wi-Fi Connection:
• Change Default User names & Passwords
• Use Strong Passwords
• Enable Wireless Security (WPA2)
• Change your SSID
• Do not show Broadcast SSID
• Use MAC filtration
• Use Static IP Address
• Use firewalls
• Use Latest Antivirus Pack
An interesting article has been written by Bruce Schiner about
“Terrorists May Use Google Earth, But Fear Is No Reason to Ban
It” he talks about how surprising it is to the people that their own
infrastructure can be used against them. And in the wake of
terrorist attacks or plots, there are fear-induced calls to ban,
disrupt or control that infrastructure. This isn't the only way our
information technology helps terrorists. We already know they
use websites to spread their message and possibly even to
recruit.3
Let's all stop and take a deep breath. By its very nature,
communications infrastructure is general. It can be used to plan
both legal and illegal activities, and it's generally impossible to
tell which is which. When we send and receive email, it looks
exactly the same as a terrorist doing the same thing. To the
mobile phone network, a call from one terrorist to another looks
exactly the same as a mobile phone call from one victim to
another. Any attempt to ban or limit infrastructure affects
March - April 2010 67
CMYK
 CMYK
Technology
everybody.
Terrorist attacks are very rare, and it is almost always a
bad trade-off to deny society the benefits of a
communications technology just because the bad guys
might use it too. Communications infrastructure is
especially valuable during a terrorist attack. Twitter was
the best way for people to get real-time information
about the attacks in Mumbai. If twitter was banned
would it have been helpful for people to know about
the updates? Information lessens fear and makes
people safer.
None of this is new. Criminals have used telephones
and mobile phones since they were invented. Drug
smugglers, Bank robbers, terrorists, etc... everyone.
Society survives all of this because the good uses of
infrastructure far outweigh the bad uses, even though
the good uses are - by and large - small and pedestrian
and the bad uses are rare and spectacular. And while
terrorism turns society's very infrastructure against
itself, we only harm ourselves by dismantling that
infrastructure in response - just as we would if we
banned technology because anti social elements used
them too.
"Where in the rule book does it say that terrorists are
not allowed to use technology that is readily available
to almost anyone?" said Ajay Sahni, executive director
of New Delhi's Institute for Conflict Management. "The
only people out of the loop seem to be the Indian
security forces. They are a generation behind in
understanding the technology that the terrorists
used."4
Lastly, this is terrorism in the digital age. "Technology is
advancing every day. We try to keep pace with it."
Hasan Gafoor, IPS Mumbai CP during the 26/11 press
conference.
The Mumbai PROTECTOR
Clearly the technologies that are being developed and
that would be developed in future can be used in a bad
way by the "evil doers". But this is really nothing new,
and as I said in the beginning of this article -
technological progress is unstoppable. So why do we
need to think about these things? Simply because it is
always better to pause and think about the
implications, than blindly rush through things. Just
because something is cool does not mean that it is not
dangerous. And beyond cool, we can be just a bit more
careful. These are debatable and should be debated at
the right level with right channel.
The Way Ahead:
• Government's positive and critical role in Proactive,
Active and Reactive strategies.
• Protecting, Preventing, Mitigating and Investigating
against all forms of incidents
• Citizens alertness and cooperation to Law Protectors,
Law Enforcement Agency, etc…
• A statewide and overall national approach to
technology security is required for protecting citizens
from the menace of Technology Abuse.
• Government lacks expertises which are available
with Private Sector Direct capitalization of talent
available in the industry.
• Government playing instrumental role in raising
awareness about existing risks, creating state
infrastructure to address technology security issues,
and create confidence for the citizens.
• Government helping in preventing economy losses
faced by community.
• Cert-In to play an important role in critical
infrastructure as they are appointed as nodal agency
as per the Information Technology Act 2000
Amendment 2008.
Credits, Reference and Acknowledgements:
1)Technology and Terrorism: Are we being too naive? -
Written by Alex Iskold / June 2, 2007
2)http://goliath.ecnext.com/coms2/gi_0199-
3159573/Confronting-cyber-crime.html
3) http://www.schneier.com/essay-258.html
4)http://www.washingtonpost.com/wpdyn/content/ar
ticle/2008/12/02/AR2008120203519.html
Disclaimer:
This article is for non-profit, knowledge sharing, awareness and
educational purpose. Please feel free to write your view, criticism,
comments to the author at vicky@cybercrimes.in. Information
available in this article is not enforceable by law; however these are
my personal views about the topic which i feel should be shared. Any
errors, omissions, misstatements, and misunderstandings set forth in
the article are sincerely apologized. Relying on the contents will be
sole responsibility of the users. +
March - April 2010 68
CMYK