Saturday, 14 March 2009

Techie terrorists worry IT firms

Udumula Sudhakar Reddy
22nd oct 2008
Corporates are wary of the ‘enemy within’ who uses technical skills to work for terror outfits
P olice has asked the IT industry to be doubly cautious while recruiting peo ple in the wake of terrorists infiltrating software firms to learn hacking courses.
Concerns had increased after it was revealed that Mohammed Mansoor Peerbhoy, 31, of the Indian Mujahideen, had learnt a course on ‘Hacking Unlimited’ in the city’s antihacking school at Banjara Hills.
The Mumbai police had found that Peerbhoy, an employee of Yahoo India with an annual salary of Rs 19 lakh, had sent emails for the Indian Mujahideen before the Ahmedabad and New Delhi blasts by hacking into wi-fi networks of strangers.
Mubin Kadar Shaikh, a computer graduate, and Asif Bashir Shaikh, a mechanical engineer from Pune, aided Peerbhoy. They were arrested along with Mohammed Akbar Ismail Chaudhary, another computer mechanic, who actually planted a bomb at Dilshuknagar on August 25, 2007. Luckily, it did not explode.
“IT companies and training schools should keep tab on suspicious employees and trainees,” says the Central Crime Station Deputy Commissioner of Police, R.S. Praveen Kumar, who is in charge of the cyber crime unit as well as the Special Investigation Team that deals with terror related cases in the detective department.
Bangalore, Hyderabad, Pune and Chennai are considered to be potential zones for operations of such techie terrorists since the IT indus try has a large presence in these cities. “Companies have to do a thorough background check and can even ask for police verification if necessary,” says Kumar.
Peerbhoy, for instance, got admitted to a training course on hacking and wireless security without proper verification since he was working for a reputed firm.
Cops suggest that companies should also gauge the opinions of candidates on political events during interviews to find out their affiliations. “They should observe the behaviour of employees and check out those who work on holidays and late in the night without any particular assignment,” he adds.
Madhapur Inspector N. Bhujanga Rao, says that police had held meetings with IT firms and had asked them to conduct background check of applicants before employing them. “They can take the help of a private security agency,” he adds.
With the threat of terror looming large, software companies also have disaster recovery plans in place to ensure that a terrorist attack does not disrupt their operations. Further, IT firms have got their security guards trained by the police on how to deal with explosives and have intensified peripheral patrolling outside the walls. But the ‘enemy within’ cannot be prevented merely through such tactics.
“Companies have taken steps to prevent hacking and intrusion into the networks,” says V. Srinivasa Prasad, secretary of the Society for Cyberabad Security Council, which has representatives of IT companies, police and government.
“To prevent hacking we have stopped outsiders coming to the companies and connecting their laptops into our networks,” he adds.

No comments:

Post a Comment