Hack if you can

CIOL Bureau

Pratima Harigunani


PUNE: It may strike you like a scene straight from a James Bond movie.

A giant dashboard that displays the atlas, red and green lights beeping from various geographies, an alarm that buzzes from USA’s map and a Symantec commando swinging into action.

The plot is thrilling, the villain is ingenious, the threat is enormous, and Lady M is ready. It’s time for tech-terrorists and business buccaneers to brace up for a real duel as Symantec implants its agents on Indian territory with its eighth Security Response Lab in Pune. Inaugurated on Tuesday, it joins the black belt club of Dublin, Redwood (CA), Santa Monica (CA), Tokyo, Taipei (Taiwan) and Calgary (Canada) that house the Security Response labs of Symantec.


The squad has landed

The mission is not easy but it is definitely exhilarating: to ensure 24x7, multi-lingual threat expertise for all kinds of security threats to its customers. Each response lab from Symantec has the mandate to monitor all kinds of possible threats emanating from any part of the world and provide quick alerts, analysis and protection solutions to its customers in real time. This would encompass tracking vulnerabilities in more than 30,000 technologies, operating systems and application product versions from 4000 vendors, and the automatic delivery of security notifications.

How it works?


This response lab is part of Symantec’s global intelligence network, which is dedicated to collecting and analysing online fraud, malicious code and security risks and developing solutions for them. After detection through Symantec’s probe network, which deploys over two million decoy accounts and 40,000 sensors in more than 180 countries, the lab would also send real-time updates to its customers on their respective Symantec products.

Its sharp eye claims to cover spyware and adware reports from more than 120 million client, server and gateway systems besides enveloping vulnerability tracks on 35,000 product versions from 4200 vendors. The threat is detected via early monitoring systems and after analysis and prioritization, content and updates are created and sent to customers along with the alerts.

The content includes application protection, gateway security and anti-spyware and is capable of being released across 150 end points within 24 hours, thereby enabling a scale of 80 million people who may be able to download it in six hours. While the sensors keep an incisive eye on any aberrations on the machines and in normal use behaviour, the honey pots and decoy pots deliberately attract the pirates on the cyberway by feigning vulnerability.


Response, however, is rolled out according to a pecking order of priority, as Anil Chakravarthy, vice president of India Technical operations, explains, “Reacting is a constant process of prioritization. It depends on questions like ‘how much damage can the threat cause, is it amenable to be used as a launch pad for other more vicious threats, will it just slow the system down or take over control, does it have a self-propagating behaviour,’ etc.”

Its scope would cover antifraud, antispam, antivirus, antispyware, privacy and parental control, intrusion detection, etc., while evaluating how threats work together and then offering recommendations on protection. The lab would also provide an incident response program, emergency virus signatures, definitions and policies besides outbound alerts.

In addition to responding in real time, the lab would also take on research and prototyping work on Bluetooth security, research on classification through program analysis, automated reverse engineering of malicious executions and zero-day vulnerability.


Vincent Weafer, senior director, Symantec Security Response, says, “The zero day vulnerability is an exciting area to work on. Herein, we work on the several ramifications of a threat the day it is detected. We figure out the various ways it can surface. Normally the first offspring is a crude one, but it can be improvised as it grows on, so we try to disarm it on day 1.”

Why India?

Check this: According to estimates by Symantec’s global intelligence network, India has the highest ratio of outgoing spam to legitimate mail, which accounts for 76 per cent.

India has witnessed an 81 per cent increase in phishing in the last six months and ranks among the top 15 countries hosting phishing sites. Mumbai and Delhi are the most targeted user bases for bot network attacks. One out of every 122 mails is spam, and one of every 100 spam mails contains modular malicious code.

India has an Internet subscriber base of 37.7 million while the 2.5 million broadband subscriber base is growing exponentially.

“Wherever good resides, evil is tempted too,” says Vishal Dhupar, managing director, Symantec, SAARC, as he sums up the Indian perspective. India is not only getting more exposed to the threats on security but is also graduating in the enormity ladder of these threats.


“We live in a borderless world in the technology terrain and hence threats have gone borderless too. For a hacker, geography doesn’t matter as long as he can operate on a porous medium. Threats can hit any country, any industry and any time in the digital world. And they are equally rampant and deleterious anywhere,” he feels.

India is not only strategic for Symantec as a market but from a development perspective too. As Dhupar admits, “It’s easier to sell something that is made here. We have seen many significant R&D output from India in areas like storage foundation, server management and components for some substantial products.”

Betting big

Chakravarthy refrains from divulging the extent of investments that have been pumped into the Pune lab. “It won’t be possible to peg an exact figure. It is significant enough that it can be gauged from the fact that the lab houses a giant data center besides being packed in a completely isolated environment. It is essential because we want to quarantine all threats and submissions that would be kept in a separate container so that no threat can ever infect our own systems.”

People are a key component of the investments in the lab, he adds, pointing to the deep expertise that the job of James Bond commands in the security landscape. All said and done, the Pune lab will be at par with its seven counterparts across the globe.

Dhupar quips, “It has no special specification just because it is in India. It’s a corporate asset so absolutely nothing will lack here in comparison to other response labs.”

Pricing would be based on a maintenance-cum-licence fee. Responding to the possibility of a split between alert and content services, Dhupar says, “Services will vary as per customer requirements. It may range from analysis to correlation studies to a completely outsourced block.”

“Our main aim is to equip our customers with confidence as they step forth on the information highway and these response labs ensure that in the 24x7 mode. We are sure we will enhance our research and response capabilities with this lab,” asserts Chakravarthy.

© CyberMedia News