Need for finesse in cyber counter-intelligence?
Counter-intelligence is the technique of preventing our ill-wishers from collecting intelligence about us that could weaken our national security.
Cyber-intelligence is the collection of intelligence having a bearing on our national security by systematically monitoring the web.
Cyber counter-intelligence is the prevention, detection and neutralisation of attempts by our ill-wishers to weaken our national security by misusing the web for destabilising us. It is also the prevention, detection and neutralisation of attempts by our ill-wishers to penetrate our cyber security architecture for the collection of information about us and for using this capability for disrupting our economy and the fighting capabilities of our armed forces.
NTRO has not been systematically monitoring the Net and its Social Media Sites for cyber chatter that could have a bearing on our internal and external security…
The Task Force For the Revamping of the Intelligence Apparatus headed by Gary Saxena, former head of the R&AW, which was set up by the Government of A.B.Vajpayee in 2000, had, inter alia, gone into our cyber intelligence and counter-intelligence capabilities and made a set of recommendations.
It had suggested that the Intelligence Bureau (IB) should be given the additional responsibility for cyber intelligence and counter-intelligence. It had also recommended that the IB should be made responsible for all counter-intelligence—-whether in the real or virtual world— and that its capabilities in this regard should be further strengthened,
One was given to understand that the NDA Government accepted these recommendations, but gave these new responsibilities for cyber intelligence and counter-intelligence to the National Technical Research Organisation (NTRO), which was set up as a Techint agency on the pattern of the National Security Agency (NSA) of the US.
In the US, the NSA used to have additional responsibility for cyber intelligence and counter-intelligence. Two years ago, it was decided to set up an independent Cyber Command for this purpose, but to place it under the head of the NSA. TheNSA and the Cyber Command are separate organisations with separate staff and separate budgets, but they have a common chief.
There is a need for a mid-course correction in the follow-up actions initiated after the recent panic in order to introduce an element of finesse in our cyber intelligence and counter-intelligence architecture and techniques.
As a result of the NDA Government’s decision to entrust the responsibility for cyber intelligence and counter-intelligence to the NTRO, we now have the IB dealing with intelligence and counter-intelligence in the real world and the NTRO in the virtual world of the Internet and the social media sites that have come up in recent years.
The recent incidents relating to Psyjihad sought to be waged against us through the Net and its social media sites and mobile telephones by exploiting Muslim anger over the anti-Muslim violence in the Rakhine State of Myanmar and in our Assam State and our incoherent and ill-coordinated reaction to it bring out two serious deficiencies:
- The NTRO has not been systematically monitoring the Net and its Social Media Sites for cyber chatter that could have a bearing on our internal and external security in order to sound a wake-up call to the Govt when the contents of the cyber chatter indicate possible attempts at destabilisation. This is clearly evident from the fact that the large number of websites disseminating exaggerated accounts of the anti-Muslim violence with the help of morphed images seems to have been noticed by the NTRO only after the violent incidents in the Azad Maidan of Mumbai on August 11 and the panic departure from South India and Pune of many people from the North-East working and living there. Had these web sites and their false and provocative propaganda been noticed in time,the Government might have been able to take pre-emptive action to prevent the violence and contain the panic.
- The NTRO has not yet developed a capability for the identification of suspects who have been misusing the Net and its social media sites for their Psyjihad meant to destabilise us. As a result, one could see over-reaction and an attempt at a disproportionate use of the powers under the existing laws for cyber surveillance. After the surveillance failed initially due to lack of alertness on the part of our agencies, there has been a disproportionate use of the surveillance powers by way of large-scale blocking of web sites and attempted control over social media sites without applying our mind. Instead of targeting our counter-action on the suspects responsible for the Psyjihad, we have been targeting the instruments used by them for their Psyjihad such as Facebook and Twitter. These instruments have benign and malign uses.Our actions should have been targeted against malign uses, but there is an impression that we have been trying to discourage both benign and malign uses in order to deter the use of these sites and instruments even for well-intentioned criticism of the Government and its policies.The misuse by ill-wishers of the country has been sought to be exploited for preventing legitimate uses of the social media networks even by well-wishers of the country.
There is a need for a mid-course correction in the follow-up actions initiated after the recent panic in order to introduce an element of finesse in our cyber intelligence and counter-intelligence architecture and techniques. Target the ill-wishers of the country who have been misusing the Net and the social media sites for nefarious purposes, but don’t target the well-wishers.Make the ill-wishers dysfunctional and not the Net and the social media sites.
The Naresh Chandra Task Force on national security has in its report submitted to the Prime Minister on May 24 devoted a chapter to cyber security. Its chapter on intelligence revamp also contains some important recommendations on this subject. While vetting them, the lessons drawn from our recent experience in handling our existing cyber intelligence and counter-intelligence architecture and techniques should also be taken into consideration in order to see whether any modifications in the recommendations during implementation are called for.