Thursday, November 26, 2009

26/11 Mumbai Terror Attack - Shocking Disclosure

September 18, 2008
Ref: [HIDDEN]

To
[HIDDEN]

Respected Sir,

I humbly request your kind attention with reference to the email and the attached document I had sent on July 29, which was assigned the reference number 1669/E-mail dated 30/07/2008.

I am only a common citizen but, being an experienced IT professional and having a good command over network security, I take it as my duty to submit my suggestions for the attention of the concerned authorities. Though I assume there are highly skilled experts constantly on duty at the intelligence and various other departments, I feel some of my humble suggestions may prove to be useful in intelligence and combating terrorism.

The terror group involved in the recent blasts had been sending emails by exploiting the Wi-Fi connections of others. They have been able to do so because of negligence by ISPs and the ignorance of internet users.

 
Unprotected ADSL & Wi-Fi Modems
Almost all ISPs (including AirTel, MTNL & BSNL) provide the ADSL Modem to the users with security configured as the factory settings. All such modems are supplied with a common username and password i.e. Username – admin, Password – admin or Username – admin, Password – password etc. This poses a serious threat not only to the security of the subscriber’s private network but to the national security as well which is indeed of great concern.

An article published on the security of Wi-Fi, in HT on page 3 dated Sep 18, is a good initiative, though it is not complete and sufficient. It is not practical and feasible for a user to keep a watch over unauthorised usage. It does not make any difference whether a connection is configured as “On Demand” or “Always On”. In fact, even if the connection is set to “On Demand”, in case the user connects in the morning and stays connected for the whole day, a cracker may gain unauthorised access by detecting the IP address and the default login for the router control panel.

A skilled IT professional can easily crack and exploit the entire network of an internet subscriber if one manages to find an unprotected ADSL modem.
 

Security Policy
Windows default installation is not at all secured. Common anti-virus software and firewalls are not fully reliable solutions. Highly secured firewall systems are only used by large corporate offices and networks. Small offices and home users must take support from well-qualified service engineers. IPSec Policy, Group Policy, User Level & File Level security must be put in effect.
 

Tracking emails
   1. Before an email is received by anyone, it is sent by someone and usually there is an interval of around 15 minutes between the time of sending and receiving.
   2. Before an email is sent, an account is created on the website of a free email service provider i.e. Yahoo. Again, there is usually an interval of around 5-15 minutes between the time when these two actions are carried out.
   3. This time can be crucial in tracking the origin of emails if prior information could be received in time from the email service provider i.e. Yahoo, the moment when an account is created.
   4. The terrorist is unlikely to use the email account for a second time. Once an email is sent, they will never log on to that account again.
   5. In addition, there is also every possibility that they regularly create new email accounts for their internal communications too.
   6. It is estimated that the number of new email accounts which are created by the general public from a particular major city, in a single day, may not be above 1000. That means we need to screen 1000 email accounts in 24 hours (1440 minutes), which is not a difficult task provided we obtain account information from Yahoo, Gmail, MSN etc. in time.
   7. If we screen every such new email account properly, it may help us in tracking suspicious email accounts and their origin.
   8. So, it is very important to obtain prior information on email accounts instantly when an account is created. ISPs’ assistance in tracking access to the “Sign Up” page of Yahoo website which means, information would be available even before an account is created
 

Points to Ponder
Since these serial blasts are carried out in a series, by a specific group, Indian Mujahideen, the modus operandi being the same, there are some important points:
   1. During the first serial blast, the terror group sent an email before the first bomb went off.
   2. In the second case, the email was sent a little later.
   3. In the 3rd case the email was sent even later.
   4. If they succeed in carrying out another blast, the email will be sent even later.
   5. Is it so that the terror group is assessing the time that the state police and bomb disposal squad take in detection and defusal of the bombs?
   6. Is it a part of an exercise by the terrorists by which they are preparing to successfully flee the city after planting the bombs within the given time, before the cops and bomb disposal squad come into action?
   7. Is it their plan to carry out massive high-intensity blasts after these low-intensity blasts so far?
   8. Isn’t the terror group misleading our intelligence by marking the bombs with a number? They might be convincing us to trust their numbering patterns so they could plant more bombs than we believe. The terrorists may also mark the bombs with common numbers.
   9. The next targeted time would be close to the festivals.

They have declared that Mumbai is their next target. I suspect that this time it might be their plan to carry out a massive terror attack at the economy hub of the country which is already fighting high inflation and heading the next parliamentary election. It is also to be noticed that the attacks are carried out since India signed up nuclear pacts and strengthened its relations with US.
 

Alert notifications for general public
Slogans like “Look beneath your seat” and “An unoccupied article could be a bomb” should be made more elaborate, for the following reasons:

• In a crowded bus or train where the travelers can’t even look beyond the legs of their fellow passengers, it is not feasible for the passengers to look below their own seats.
• It would be more convenient for the passengers to keep a watch below others’ seats.
• Passengers must keep vigil on the number of articles that others boarding or de-boarding the train / bus carry. People need to ensure that a passenger disembarks with all the articles he / she owns.
• An unoccupied article is never labeled as “Un-Occupied”, so people in a crowded place will hardly notice such an article.
• It may be a good idea if travelers are asked to stick a photocopy of the owner’s photograph / ID proof on the article or over its packaging. Such a photocopy will cost only Re 1/- per article and it would be easier for the policemen checking the articles.

Sincerely
Ashok Khurana
--------------------------------------------------------------------------------------------------------------------------------------------------------------------

 
Please notice the following paragraph highlighted in red, which has been mentioned in the above message:

They have declared that Mumbai is their next target. I suspect that this time it might be their plan to carry out a massive terror attack at the economy hub of the country which is already fighting high inflation and heading the next parliamentary election. It is also to be noticed that the attacks are carried out since India signed up nuclear pacts and strengthened its relations with US.

It happened the same as was already suspected. The above feedback was sent on September 18th 2008, 2 months before the attack.
