WE would like to thank our HOD sir Dr. K. Vijayakumar for the continuous support, guidance and the freedom he gives us to create and develop the magazine. We also would like to thank Pranav Bharadawaj and Varunkrishnan Ravi our seniors, former heads and editors of the magazine who founded the magazine "THE EEEA REVIEW" and gave us the chance to make it a bigger success than it already is.
Further thanks to The documentation team, photography team for their inputs making this magazine possible. The fonts used in this magazine are Roboto, Hacked and Ericsson Kallol Chatterjee, Design Head Sai Kaushal, Photography Head
4
THE EEEA REVIEW
Greetings from the Editor’s desk .This is Prateek Gulati from the EEE Association! I am your Editor in Chief and Dhruv Gupta and Abhishek Iyer are the Co-Editor, We are pleased to welcome you to the second issue of THE EEE REVIEW under our tenure. In today's world of technology, where everything is connected, cars are self driving, household appliances can be controlled by the touch of a finger by your smartphones. How safe are we? In this issue, we look into the nature of hacking and how easily hackers have and can control things around us. The issue of cyber warfare and defence systems have been discussed in detail as well. It is important for us to know about such threats and how to deal with them. We have put more DIYs and mini projects to bring out the hacker inside of you. In this issue we have 2 guest articles. I want to encourage other readers to submit articles as well.
Enjoy Prateek Gulati
5
THE EEEA REVIEW
1. Vehicle cyber security
7
2. Cyber Terrorism In India
8
3. Hacking groups you should know about
9
4. Top 5 Cyber attacks of all time
10
5. Ethical Fashion
11
6. Defence system and cyber security
12
7. Skills to become a master hacker 8. ISIS hacking capabilities
13 14 15
9. Cyber warfare 10. AI in Cyber security
16
11. Growth of Cyber crimes in india
17
12. SMAC
19
13. Computer Monitor Hacked
20
14. Most Expensive Computer virus of all time
21
15. Improving Indian cyber security
22
16. Future of Cyber Security
23
17. The internets own boy
24 25
18. What’s up EEE?
25
19. DIYs 20. Highlights of the month
6
32 33
THE EEEA REVIEW
Hackers these days have moved on from hacking a stationary computer to something more fun. A computer on wheels- The Smart Car! Hacking has advanced from computers to mobile phones and now the present scenario involves hacking of vehicles. Yes that’s right! Cars, aircrafts all these vehicles can be hacked. This puts your safety concerns on the edge doesn’t it?
So basically what is car hacking? Car hacking is manipulation of the code in a car’s Electronic Control Unit (ECU) to exploit a vulnerability and gain control of the car. Technology and connectivity has paved way to car hacking. A car’s connectivity involves it to have new features like Bluetooth, WiFi, GPS, remote keyless entry, software applications etc. These salient features of a car are also the vulnerabilities of the car. Direct penetration in a vehicle can take place in many forms like exploiting the telematics system, wirelessly compromising the vehicle etc. Vulnerabilities in the software used in the car can also be exploited. Because all these things are hidden, people do not realize that they these systems can be tampered with. Once the car is hacked the hacker gains control of the car. The car’s brakes, functions, transmissions, and various other devices are now in the hands of the hacker putting the driver at a dangerous situation. The vehicle’s vital functions such as honking of the horn can be disabled. Someone can actually kill you in that car using justlines of coding! Imagine that. In a particular demonstration of car hacking, security researchers Charlie Miller and Chris Valasek wirelessly hacked a Jeep Cherokee while it was on the highway. They were able to control the car’s wipers, brakes, functions. They disabled the brakes and sent the car crashing into a ditch. They were able to manipulate the Jeep Uconnect system which includes navigation, WiFi and Bluetooth phone pairing. Researchers from the University of California and Rutgers were able to hack into the pressure monitoring systems. At the University of Washington and University of San Diego, researchers created a program that would hack into the computers and disable the brakes and stop the engine. So after knowing the dangers of security breaching one would wonder as to how they can protect their car from such hacks! First things first- it’s all about awareness and being careful. Know your car- the wireless systems, the operation of the systems, the software and etc. Secondly protect your information. Make sure you don’t leave passwords for the software used by your car inside. A lot can go wrong if your information falls into the wrong hands. Beware of the third party devices used by your car. Make sure that the software used is trusted third party software. Go to reputable dealers and repair shops hence not giving them the opportunity to manipulate your car’s systems. With more awareness and caution hacking all together can be prevented. CLICK OR SCAN ME TO KNOW MORE
7
THE EEEA REVIEW
Cyber terrorism in India By The premeditated, politically motivated attack against information, computer systems, computer programs, and data which result in violence against noncombatant targets by sub national groups or clandestine agents. Labeling a “cyber attack” as “cybercrime” or “cyber terrorism” is problematic because of the difficulty determining with certainty the identity, intent, or the political motivations of an attacker. “Cybercrime” can be very broad in scope, and may sometimes involve more factors than just a computer hack. “Cyber terrorism” is often equated with the use of malicious code. However, a “cyber terrorism” event may also sometimes depend on the presence of other factors beyond just a “cyber attack.”
Abhishek Iyer gaping holes in the Indian e-security environment were shown when a Swedish “ethical hacker” blogged details of e–mail accounts and passwords of several Indian government institutions, including the Defence Research and Development Organization, the National Defence Academy etc. he matter assumes significance particularly because China has been steadily strengthening its ability to wage electronic warfare alongside its rapid (and non-transparent) modernization of its military and armory. Hackers from Pakistan and terrorist organizations are increasing their attacks on Indian websites to provide a new dimension to the ongoing Indo- Pak conflict over Jammu and Kashmir. The terrorist organizations were resorting to the internet and information systems to extend their warfare into a completely new ground to give a new, lost-cost dimension, with maximum effect and reach. Hacker groups from Pakistan like Pakistan Hacker Club had intensified their attacks on Indian websites, especially over the last few years. As tensions between the neighboring regions of India and Pakistan over Kashmir grew over time, Pro- Pakistan cyber-terrorists and recruited hackers began to target India’s Internet Community. Just prior to and after the September 11th attacks, it is believed that the sympathizers of Pakistan (which also included members of the Al Qaeda Organization) began their spread of propaganda and attacks against Indian Internet based communities. Groups such as G- Force and Doctor Nuker have defaced or disrupted service to several major entities in India such as the Zee TV Network, The India Institute of Science and the Bhabha Atomic Research Centre which all have political ties. The Group, Pakistani Hackerz Club also went as far as to target the United States Air Force Computing Environment and the Department of Energy’s website. The problem of cyber terrorism is multilateral having varied facets and dimensions. Its solution requires rigorous application of energy and resources. It must be noted that law is always seven steps behind the technology. This is so because we can’t change law with the same rate as technology changes. Now with the introduction of the Information Technology (amendment) Act, 2008 explicit provisions are made to punish those who are indulged in Cyber crimes.
While there are some groups of “pure” cyber terrorists in operation in the world the main threat would seem to come from groups that have historically operated in the “real” world. In this era, terrorist organizations, which generally get no access to television or radio communication, can easily broadcast their messages to the entire world via the Internet.In fact, many of the largest terrorist groups either maintain their own website, or have sites dedicated to them. The peril imposed by cyber terrorism has snatched the attention of the world mass media, the security population, and the Information Technology (IT) industry. Journalists, politicians, and experts in a variety of fields have popularizes a scenario in which sophisticated cyber terrorists electronically break into computers that control dams or air traffic systems, wreaking havoc and endangering not only millions of lives but national security itself. We know that the most critical infrastructure in Western Societies is networked through computers, so any kind of threat from cyber terrorist is highly alarming. Our dependence on IT is growing day to day and it has created vulnerability giving terrorist the chance to approach targets that would otherwise be utterly unassailable, such as national defense systems and air traffic control systems. So in short, the most technologically advanced country is most vulnerable to the cyber terrorist attacks. The sensational episodes of online warfare are high against this nation. But still we witness that mostly we are not prepared to counter the cyber terror attack by China and Pakistan against our great India. Recently
8
THE EEEA REVIEW
Hacktivism or hactivism ,a portmanteau of hack and activism is the subversive use of computers and computer networks to promote a political agenda. With roots in hacker culture and hacker ethics, its ends are often related to the free speech, human rights, or freedom of information movements. Anonymous
Lizard Squad
Famous with the general populace for their vendetta against ISIS while donning the Guy Fawkes masks, Anonymous is an open online creation group spread in many parts of the world. They stand against the injustice of all kinds, keeping with their personality of vigilantes that becomes apparent with their Guy Fawkes masks. They acted against the Church of Scientology, hacked the Pentagon, attacked Visa, PayPal and MasterCard for refusing payments to WikiLeaks, and took down some websites belonging to ISIS. Many individuals from countries like Netherlands, USA, UK, Australia, Spain, and Turkey have been arrested for being allegedly belonging to Anonymous.
Lizard Squad’s list of victims includes high profile websites like the Malaysian Airlines website, where users were redirected to a page with the message “404- plane not found”, and Facebook. Although Facebook denied being hacked, their network was down for some time due to a DDoS attack by Lizard Squad. The group has also attacked Sony and Microsoft, with their members posting ISIS flags on Sony’s servers. Some members were arrested in USA and England following their Xbox and PlayStation hacks.
CHAOS COMPUTER CLUB Founded in Berlin in 1980 and one of the largest European Hacking groups, CCC is one of the good hacking groups of the world that has been teaching the common public about technology since the 1980s. The working of CCC is directed towards uncovering security flaws in major government and non-government services. They said that they had to consult a lot of legal advisors before ascertaining what is illegal hacking and what the grey area of legality in hacking is. They clarified their intentions when they stole 134,000 marks from a bank in Hamburg using their Bildschirmtext page. They showed their true intentions by returning back the entire money after exposing the security flaw in the website. However, they have been found guilty of selling U.S corporations’ and government’s source code to the KGB.
TARH ANDISHAN Tarh Andishan is an Iranian hacking group that is comprised of a group of 20 highly skilled and talented hackers. It is believed that the group, based in Tehran, formed due to the Stuxnet worm virus which, according to Iran, was a joint effort by US and Israeli forces against them. Their activity ranges far and wide, with the group being believed by many to wanting to control all the web-based systems of the world. Their victims consist of many security systems as well as airline gates. Their most notorious activity, though, is believed to be Operation Cleaver, which is an operation targeting military, energy and utilities, oil and gas, airlines, airports, transportation, and hospitals. More than 50 entities in over 16 countries including China, USA, Saudi Arabia, India, Israel, France, Germany, and England have been hit by this campaign. TarhAndishan uses techniques like SQL injection attacks, self-propagating software, backdoors, etc.
9
THE EEEA REVIEW
1. The Original LogicBomb During the cold war in 1982, the CIA found a way to disrupt the operation of a Siberian gas pipeline of Russia without using traditional explosive devices such as missiles or bombs. Instead, they caused the Siberian gas pipeline to explode using a portion of a code in the computer system that controls its operation in what they tagged as “logic bomb.” The chaos that ensued was so monumental that the resulting fire was even seen from space.
2. MafiaBoy causes $1 billion dollars in damages (2000) Another 15 year old that caused mischief in cyber space was Michael Calce a.k.a. MafiaBoy. In 2000, Calce, now 26, was just a Canadian high school student when decided to unleash a DDoS attack on a number of high-profile commercial websites including Amazon, CNN, eBay and Yahoo!.An industry expert estimated the attacks resulted in a $US1.2 billion dollar damage bill.He was later apprehended. Because he was still a juvenile, Calce was sentenced in 2001 to eight months in open custody, meaning his movements and actions would be restricted. His online access was also limited by the court. Calce and since scored gigs as a columnist and recently published a book about his ordeal.
3. Google China hit by cyber attack (2009): When Google's Chinese headquarters detected a security breech in mid-December, it opened up a whole can of worms (pun intended) implicating the Chinese Government. Hackers had gained access to several Google’s corporate servers and intellectual property was stolen. In a blog, Google said it has “evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinse human rights activists”. As the company dug deeper, they found numerous Gmail of users from US, China and Europe had been routinely been accessed without permission. Those emails belonged to advocates of human rights in China. All eyes darted towards the Chinse Government, which has been accused of flagrantly disregarding human rights for years. Google entered the Chinese market with www.google.cn in 2006 and capitulated to China’s stringent Internet censorship regime. The cyber attacks in December 2009 resulted in the company’s re-evaluation of its business in the country.
10
In March 2010, Google relocated its servers for google.cn to Hong Kong in order to escape China’s Internet filtering policy.
4. Teen hacks NASA and US Defense Department: The year was 1999. Jonathan James was 15 at the time but what he did that year secured him a place in the hacker’s hall of fame. James had managed to penetrate the computers of a US Department of Defensedivison and installed a ‘backdoor’ on its servers. This allowed him to intercept thousands of internal emails from different government organisations including ones containing usernames and passwords for various military computers. Using the stolen information, James was able to steal a piece of NASA software which cost the space exploration agency $41,000 as systems were shutdown for three weeks. According to NASA, “the software [purported to be worth $1.7 million] supported the International Space Station’s physical environment, including control of the temperature and humidity within the living space.” James was later caught but received a light sentence due to his young age. He committed suicide in 2008 after he was accused of conspiring with other hackers to steal credit card information. James denied the allegation in his suicide letter.
5. Solar Sunrise (1998) Originally thought to have been the efforts of Iraqi operatives, a systematic cyber attack was launched in the US which seized control of over 500 government and private computer systems. The hackers were exploiting computers running on the Sun Solaris operating system, hence collective attacks were called ‘Solar Sunrise’. The US Government assembled a number of defense divisions including the FBI and the Defense Information Systems Agency to investigate the matter. Much to everybody’s surprise, there were no Iraqi operatives involved in the hacking. Investigations resulted in the arrest of three teenagers from California. While it was cased closed for ‘Solar Sunrise’, the attacks highlighted how a co-ordinated effort could affect an entire country’s IT infrastructure.
THE EEEA REVIEW
ETHICS OF FULL DISCLOSURE CONCERNING SECURITY VULNERABILITIES Computer security vulnerabilities are a threat that have spawned a booming industry. When one thinks about who benefits from security problems, typically the first thought would be that attackers are the primary beneficiary – breaking into vulnerable computer systems and stealing money and valuable information from victims can be an easy and profitable line of work. However, there is another side to this burgeoning industry, the community of security professionals who build a reputation and earn a living finding and reporting security problems. Working as a computer security professional can be quite profitable, with the benefit of not having to break the law or compromise one’s ethics. Security professionals has a potential to reveal the details of a software/process. Revealing the details could help system planers to patch vulnerabilities.
How it is disclosed ethically? To ethically disclose a vulnerability, our first step should be to notify the vendor. When a reporter discovers a vulnerability the researcher informs the vendor at large of the specifics of that vulnerability-it includes how found, what products are affected and in some cases, he provides the report with the method to exploit the flaw and to protect systems against exploitation of the flaw. Disclosing vulnerabilities are of two types. The first is called•full disclosure. Reporters immediately publish their vulnerability into the wild, giving the vendors absolutely no opportunity to release a fix. The second is called•responsible disclosure or staggered disclosure. This is where the reporter contacts the vendor before the vulnerability is released. Both parties then agree on a time frame where the vendors promises not to publish the vulnerability, in order to give the vendor an opportunity to build and release a fix. This time period can be anywhere from 30 days to a year, depending on the severity and complexity of the vulnerability. Some security holes cannot be fixed easily, and require entire software systems to be rebuilt from scratch. When the vendor has patched vulnerabilities, he provides reporter with solution and he also releases a disclosure statement. When the vulnerability is patched, user community provides feedback on vulnerability and solution.
Where might this process break down in the real world? Unethical hackers break down this process in the real world. Hackers aren’t inherently bad, the word “hacker” doesn’t mean criminal or bad guy.•Geeks and tech writers often refer to black hat, white hat, and grey hat hackers. These terms define different groups of hackers based on their behaviour. Black hats •Black-hat hackers are the type of hacker the popular media seems to focus on.• Black-hat hackers violate computer security for personal gain or for pure maliciousness. Black hats fit the widely-held stereotype that hackers are criminals performing illegal activities for personal gain and attacking others. They’re the computer criminals. White hats White-hat hackers are the opposite of the black-hat hackers. They are the ethical hackers, experts in compromising computer security systems who use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes. Grey hats •A grey-hat hacker falls somewhere between a black hat and a white hat. A grey hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things.If a grey-hat hacker discovers a security flaw in a piece of software or on a website, they may disclose the flaw publically instead of privately disclosing the flaw to the organization and giving them time to fix it. The Internet will continue to grow and change the role that software plays in our lives. As our lives depend more and more on the Internet and software, security becomes essential. When software vulnerabilities are discovered, it is in the public interest that existing systems with vulnerabilities are being fixed in a timely fashion.
11
THE EEEA REVIEW
DEFENCE SYSTEMS AND CYBER SECURITY By Adisha Raman There were the good old days when we actually built towering walls to protect our nation. And today we do not build walls but rely on never ending pages of 0s and 1s which serve as the digital frontier of our nation’s security. Look how things have changed, from stone walls to invisible codes! Today we protect our nation through undecipherable invisible codes. Indeed cyber security has become our new line of defence. Most of the scripted documents have now been transformed into digital data because we live in a digital era. Hence comes in the need for cyber security systems. India has made immense developments in cyber security when compared to that time when the idea of cyber security had just bloomed. The G-10 countries (eleven industrial countries Belgium,•Canada,France, Germany, Italy,•Japan, the Netherlands, Sweden, Switzerland, the•United Kingdom•and the•United States) have invested trillions of dollars in creating digital barriers to protect their countries. But inspite of this every security system has its own flaw and it has been evident from the large scale attacks targeted on the digital systems by an elite group of hackers primarily led by the infamous Garry Mckinon and Kevin Mitnick who were at the prime of their hacking career at the late 90's and the early 2000's which served as an eye opener for countries saying that no matter how hard we try security is still impregnable and vulnerable. “A person who understands can control”. Following many successful instances of hacking raids countries having started giving more importance to cyber security. Cyber security is given as much importance as nuclear missiles are given, perhaps even more! Countries have taken their critical defence systems and utilities offline and off the grid and have eliminated the loop holes that existed earlier. New technologies like the Honeycomb servers, public key cryptography, and different decoys have been incorporated and funding of R&D projects on digital systems has increased. This has given rise to quantum computing, cloud computing and other protective shields which not only keep our country out of harm’s way but also fortify our social life. This funding of defence systems has a major role to play in the lives of the people who use the Internet. It is only because of the government’s funding that we have secure systems of communication. The country’s defence system has improved and also the security of every individual of the country has also been improved.
So it sounds like we are pretty safe doesn’t it? Cyber security is like a dagger. It is sharp on both ends. Just like a soldier gets a Kevlar vest, a citizen gets a digital vest that protects them from the bullets of 0’s and 1’s. The government uses this revolutionary technology to protect the nation but also uses it to keep a tab on its own people to prevent any future threats. But this leaves a serious question mark on our privacy. Cyber security is being used to extract and confiscate our personal information leaving our privacy invaded. Recent years prove that the same technology being used to protect us also has a dark side to it. We are spied on secretly. So now are we truly safe or under the impression that we are safe? Are people like Garry Mckinon and Kevin Mitnick actually trying to disclose the smokescreen which is seen as the wall fortifying people?
12
THE EEEA REVIEW
Hacker is among the most skilled information technology disciplines, it requires a wide knowledge of IT technologies and techniques. To truly be a great hacker, one must master many skills. Don't be discouraged if you don't have all the skills listed here, but rather use this list as a starting ground for what you need to study and master in the near future. These are the basics that every hacker should know before even trying to hack. Once you have a good grasp on everything in this section, you can move into the intermediary level. 1 Basic Computer Skills It probably goes without saying that to become a hacker you need some basic computer skills. These skills go beyond the ability to create a Word document or cruise the Internet. You need to be able to use the command line in Windows, edit the registry, and set up your networking parameters. Many of these basic skills can be acquired in a basic computer skills course like A+. 2 Networking Skills You need to understand the basics of networking,such as the following. DHCP, NATSubnetting, IPv4, IPv6, Public v Private IP, DNS, Routers and switches, VLANs, osI model, MAC addressing, ARP. As we are often exploiting these technologies, the better you understand how they work, the more successful you will be. 3 Linux Skills It is extremely critical to develop Linux skills to become a hacker. Nearly all the tools we use as a hacker are developed for Linux and Linux gives us capabilities that we don't have using Windows. 4 Wireshark or Tcpdump Wireshark is the most widely used sniffer/protocol analyzer, while tcpdump is a command line sniffer/protocol analyzer. Both can be extraordinarily useful in analyzing TCP/IP traffic and attacks.
7 Wireless Technologies In order to be able to hack wireless, you must first understand how it works. Things like the encryption algorithms (WEP, WPA, WPA2), the four-way handshake, and WPS. In addition, understanding things such as the protocol for connection and authentication and the legal constraints on wireless technologies. 8 Scripting Without• scripting skills, the hacker will be relegated to use other hackers' tools. This limits your effectiveness. Every day a new tool is in existence loses effectiveness as security admins come up with defences. To develop your own unique tools, you will need to become proficient at least in one of the scripting languages including the BASH shell. These should include one of Perl, Python, or Ruby. 9 Database Skills If you want to be able to proficiently•hack databases, you will need to understand databases and how they work. This includes the SQL language. I would also recommend the mastery of one of the major DBMS's such SQL Server, Oracle, or MySQL.
10 Advanced TCP/IP The beginner hacker must understand TCP/IP basics, but to rise to the intermediate level, you must understand in intimate details the TCP/IP protocol stack and fields. These include how each of the fields (flags, window, df, tos, seq, ack, etc.) in both the TCP and IP packet can be manipulated and used against the victim system to enable MitM attacks.
5 Virtualization You need to become proficient in using one of the virtualization software packages such as•VirtualBox or•VMWare Workstation. 6 Security Concepts & Technologies A good hacker understands security concepts and technologies. The only way to overcome the roadblocks established by the security admins is to be familiar with them. The hacker must understand such things as PKI (public key infrastructure), SSL (secure sockets layer), I DS (intrusion detection system), firewalls, etc.
11 Reverse Engineering Reverse engineering enables you to open a piece of malware and re-build it with additional features and capabilities. Just like in software engineering, no one builds a new application from scratch. Nearly every new exploit or malware uses components from other existing malware..
13
THE EEEA EEEA REVIEW REVEIW THE
By
Chidambaram
According to a report from intelligence firmflash point a growing pro-ISIS community of hackers has expanded the formal merger of several ISIS hacking groups namely the Caliphate Cyber Army, the Sons Caliphate Army and the Kalashnikov team into a new group called the United Cyber Caliphate. However, despite pooling their resources, the cyber capabilities of the Islamic state and its supporters are still relatively weak and appear to be underfunded and poorly organised.
ISIS’ Cyber Roots and Leaders ISIS is really the first group that even had a hacking wing. While many of its fighters were proudly displaying captured heavy equipment and weaponry on the battlefield, the new caliphate attracted others with soft skills that have arguably been more beneficial in the years since.The ISIS Hacking Division - referred to as the Cyber Caliphate was launched in late 2014 by Junaid Hussain, known by his hacker name, Trick. Team poison owned by Junaid Hussain raised its own profile, claiming a hack of Mark Zuckerberg's Facebook page, NATO, the British Ministry of Defence, and even hacking former British prime minister Tony Blair's accounts and posting information online.Hussian was killed by an airstrike•performed by the US. Before the strike was carried out, the US's own hackers had used Hussain's own cyber tools against him, apparently•enticing him to a malicious file that would reveal his IP address and•geolocation.
Cyber Attacks ISIS hackers defaced•US news stations, French municipality sites, Kuwait's parliament and•even the website•of International Business Times.But one of its most high profile attacks came with its takeover of the social media accounts associated with US Central Command, the American military unit responsible for fighting ISIS. And also ISIS has claimed to have launched attacks by mobilizing unmanned explosive vehicles and target security sites Thus ISIS was able to take over social media accounts, defame websites and attack the sites of certain cities although it hasn’t•accomplished any major hack.
Can ISIS Hack into the Internet of Things? They were only able to obtain the credentials to a Twitter account or a facebook account not top secret, and also hacking tool for such hacking attacks are available online. But hacking a far more complex network of devices and systems like the Internet of Things, disrupting major networks or flash network are not feasible today said cyber experts. Pro-ISIS cyber hackers, similar to other cybercriminal groups are likely to•leverage open sourcehacking toolsfrom publicly available sources while also utilizing both premade and custom malware. While the cyber capabilities of ISIS may not be sophisticated currently, this is something that can change rapidly. Launching damaging cyberattacks does not require a large team and by recruiting or training a group with a higher level of skill, the required attacks can be implemented.
14
THE EEEA REVIEW
What is cyber warfare?
How does cyber warfare work?
Simply put, cyber warfare is the use of hacking to conduct
Nation/State-sponsored hackers (hackers either in the military of a nation/state or supported by said state) attack computers and networks that are involved with sensitive resources within a country.
attacks on a target’s•strategic•or•tactical resources•for the purposes of•espionage•or sabotage.
They do this like you would hack any other computer or system: you learn as much as you can about the system, you figure out its flaws, and you exploit those flaws to either gain control of that system or destroy it.
How much of it is government sponsored? Honestly, nobody knows. There aren’t numbers showing the bifurcation between hacking sponsored by countries vs. hacking sponsored by rogue states or movements like Al-Qaeda. This is one of the big problems with cyber warfare: it’s asymmetrical in nature. A small country with a strong hacker elite can easily wound a huge country with a shoddy infrastructure but otherwise amazing military. It’s fair to assume that hackers supported by wealthy countries are certainly much more dangerous. Most first world countries are passably good at defending themselves from basic cyber attacks. Hackers supported by powerful countries are probably going to be more sophisticated, and can pull off attacks that circumvent such defenses and potentially can cause catastrophic civil and military damages.
15
Who does it target? Cyber warfare is going to target any sensitive industry in your opponent’s infrastructure. This means obvious stuff like the military and defense and weapons manufacturers. It also means stuff like civilian factories that make weapons, mines, and other resource manufacturers that help those factories operate, and the national power grid that gives all of the above its necessary electricity.
How does it threaten society? 1. Strategic cyber warfare does not distinguish between civilians and military: Just like nuclear weapons in the cold war, cyber weapons are just as likely to be targeting civilian resources as they are military ones. While a nuke is obviously way more damaging than a piece of malware is alone, a cyberattack can cause civilian casualties and deaths. A great example of this is an attack on the national power grid. The national power grid is an obvious strategic resource for the US. If you took down the power grid through a cyber attack (something the US is rightfully concerned about), you would not just stop factories from building guns. You would also cause traffic accidents, interrupt surgeries, stop life-giving machines such as iron lungs, and basically just kill a whole mess of people across the country. · 2. It’s really hard to figure out who launched cyberattacks, and as such, governments don’t have to be held accountable for their actions: One area where cyberweapons are a lot worse than nuclear weapons is in attribution – figuring out who launched the weapon in the first place.It’s really easy to hide where you’re hacking a computer from because you can go through•proxies•that mask where your traffic is originally coming from. Even if you figured out where a computer came from, it’s another huge problem to figure out who the person sitting behind the keyboard was – much less whether or not they were a government agent.Without attribution, you can’t have accountability. And without accountability, stuff like deterrence and mutually assured destruction don’t work. If a government isn’t accountable for their cyber attacks during a cyber war, they couldalways go for the throat and launch damaging, quasi-terrorist attacks like taking down a country’s power grid or sabotaging industrial systems to physically damage factories or cities.In both cases, innocent civilians are most likely going to die.
THE EEEA REVIEW
Growth OF CYBER CRIMES IN INDIA By Vishal sehgal What are Cyber Crimes? Cyber crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber crime also includes traditional crimes conducted through the Internet. Cyber Crimes in India are registered under three broad heads, the IT Act, the Indian Penal Code (IPC) and other State Level Legislations (SLL). The cases registered under the IT Act include: ● ● ● ● ● ● ● ● ● ● ●
· Tampering computer source documents (Section 65 IT Act) · Loss /damage to computer resource/utility (Section 66 (1) IT Act) · Hacking (Section 66 (2) IT Act) · Obscene publication/transmission in electronic form (Section 67 IT Act) · Failure of compliance/orders of Certifying Authority (Section 68 I T Act) · Failure to assist in decrypting the information intercepted by Govt Agency (Section 69 IT Act) · Un-authorised access/attempt to access to protected computer system (Section70 IT Act) · Obtaining licence or Digital Signature Certificate by misrepresentation / suppression of fact (Section 71 IT Act) · Publishing false Digital Signature Certificate (Section 73 IT Act) · Fraud Digital Signature Certificate (Section 74 IT Act) · Breach of confidentiality/privacy (Section 72 IT Act)
IT Act Year
Cyber
IPC
Cases Registered Persons Arrested Cases Registered
Crimes up by more
2011
1791
1184
422
446
2012
2876
1522
601
549
times in 5
2013
4356
2098
1337
1203
years
2014
7201
4246
2272
1224
2015
8045
5102
3422
2867
Total 24269
14152
8054
6289
than 3
<
The•numbers of cases registered•under the IT Act and IPC have been growing continuously. The cases registered under the IT act grew by more than 350% from 2011 to 2015. There was almost a 70% increase in the number of cybercrimes under the IT act between 2013 and 2014. The cases registered under the IPC increased by more than 7 times during the period between 2011 and 2015. Similar trend is observed in the number of persons arrested. The government also acknowledges the increase in the number of such crimes and that the introduction of technologies, devices including smart phones and complex applications, and rise in usage of cyber space for businesses has resulted in such an increase.
17
THE EEEA REVIEW
Maharashtra & Uttar Pradesh on the top The list of states with the highest incidence of cyber crime for the period 2011 to 2015 throws no surprises. Maharashtra tops the list with more than 5900 cases in the 5 years followed by Uttar Pradesh with close to 5000 such cases. Karnataka is third with more than 3500 cases. The top states in this list are the ones with aâ&#x20AC;˘ greaterâ&#x20AC;˘ internet subscriber base. The bottom 10 are relatively smaller states with lower population & lower internet penetration.
What is the Government Doing? The government says that use of social media has also emerged as a key tool for committing cybercrimes and attacks that affect nation and society and is conscious of increase in cybercrimes. It has taken various steps in the form of awareness, training, legal framework, emergency response and implementation of best practices to prevent occurrence of such cyber crimes.
18
THE EEEA REVIEW
Artificial Intelligence in cybersecurity By Vishal Sehgal How to protect such a huge number of devices that are always online and that exchange an impressive amount of data with other systems? The response could be represented by Artificial Intelligence. These algorithms could start from current knowledge to assume infinite attack scenarios and identify the occurrence in real time. The principal problem in handling cyber threats is that the speed of the attacks and the amount of data that must be analysed to respond in real time.It’s clear that defence cannot be handled by humans without a considerable level of automation that, due to the dynamic nature of the threats, must evolve in time. In this scenario, the application of processes of artificial intelligence could represent a winning choice, because it could help to dynamically reply to cyber threats by implementing learning capability in software. The principal risks related to the robustness of systems implementing Artificial Intelligence algorithms are: ● Verification: It is difficult to prove the correspondence between formal design requirements due to the dynamic evolution of such kind of solutions. In many cases the AI system evolves in time due to their experience. This evolution could make the system no longer compliant with initial requirements. ● Security: it is crucial to prevent threat actors that could manipulate the AI systems and the way they operate. ● Validity: ensure that the AI system maintains a normal behaviour that does not contradict the requirements defined in the design phase, even if the system operates in hostile conditions (e.g. during a cyber-attack or in presence of failure for one of its modules). ● Control: how to enable human control over an AI system after it begins to operate, for example to change requirements. ● Reliability: The reliability of predictions made by AI systems. Recently a team of researchers from the University of Oxford conducted an interesting•study•to evaluate the principal risks that threaten human civilization and that could potentially destroy the human race. Their• recent report•pointed towards 12 major risks that threaten to end the human civilization. These researchers organized the risks in the following four categories: · Current Risks (i.e. climatic changes, Nuclear war); Outer risks (Exogenous) (i.e. Asteroid impacts); Emerging Risks (manmade) (i.e. Synthetic biology, Artificial Intelligence); Global policy risk, which would mean an overall bad global governance. As explained by the experts, while all the 12 risks are infinite threats to the human race. Intelligent systems are able to “perceive” the surrounding environment and act to maximize their chances of success. For this reason the “extreme intelligences … are difficult to control and would probably act to boost their own intelligence and acquire maximal resources for almost all initial Artificial Intelligence motivations.”
16
THE EEEA REVIEW
The combination of using social, mobile, analytics and cloud (SMAC) technologies together is being heralded as the next big IT innovation. A SMAC platform combines these technologies to bring together real-time data and advanced analytics. Retailers may be able to track customers through stores and on websites to determine buyer behaviors, for example. This type of analytics walks a fine line between business and Big Brother, as many consumers may object to this level of behavioral tracking. It will be critical for vompanies to build or validate the security of these potentially controversial systems or companies could face a consumer backlash. It is simply a combination of existing technologies working together. Mobile apps still need to be assessed for the standard set of security vulnerabilities such as data leakage and insecure data storage. The cloud service used for the SMAC platform must pass a complete due-diligence assessment based on defined controls -- such as the Cloud Security Alliance's Cloud Controls Matrix. The data stored in the cloud could be confidential and harmful to the company if it were exposed. However, the approach is no different than assessing other cloud-based applications. The use of these SMAC platforms could create new ethical issues for organizations. There are already concerns about the potential discriminatory impact that a SMAC system could have on consumers. Incorrect assumptions or mistakes in
data interpretation from SMAC could harm consumers. Organizations blindly acting on incorrect assumptions from SMAC could also end up inadvertently violating existing laws. SMAC data could lead to a job applicant being denied due to their age, race or religious status, for example. This is why it will be important to define policies and procedures ahead of the implementation on how the information will be utilized by the company. This will include policies to cover acceptable uses and disclosures of the information, as well as the authentication requirements for access. it's taking the idea of market research to a whole new level. This rapid evolution has outrun the current laws on data privacy and security that are in place around the world today. The data elements covered under current compliance legislation may not directly include the data elements being captured in a SMAC platform. It is still a gray area, since some of these elements include metadata. Metadata is not considered personal data as currently defined in legislation. There will also be differences in the type of data covered by compliance requirements based on the location of the service. Companies looking into SMAC platforms need to realize that they are forging a new compliance trail and must make decisions appropriate with their risk tolerance level.
SMAC (Social, Mobile, Analytics and Cloud) By Pulkit Sethi
19
THE EEEA REVIEW
Just stop believing everything you see on your screen, as it turns out that even your computer monitor can be hacked. You have seen hackers targeting your computer, smartphone, and tablet, but now, it has been proved that they can even compromise your monitor and turn them against by just changing the pixels displayed on the screen. Although changing pixels is really hard and complicated, a team of security researchers at this year’s DEF CON says that it is not impossible.
shutting down the power plant. During their presentation, Cui and Kataria were also able to inject a photo onto a display and add a secure lock icon to the address field of a Web browser. In one example, the team even demonstrated the ability to change PayPal balance from $0 to $1,000,000,000. So, hackers do not require to infect your computer with a ransomware infection. If they can hack your monitor, they can manipulate the pixels to display a ransomware message permanently on your screen, demanding payment to remove the message.
Want To Know How to Hack Computer Monitors? According to the researchers, attackers first need to gain physical access to the monitor's USB or HDMI port which would then help the attacker access the firmware of the display. It was found out that Dell had not implemented any security measures with regard to the process to update the display controller’s firmware, which allowed for this hack. This means that anyone with malicious intent and access to the monitor’s USB or HDMI port would be able to hijack monitor — which involves injecting malicious firmware with the help of a drive-by attack — as well as manipulate the on-screen pixels.
How Dangerous could the Monitor Hack possibly be? Changing a single button could cause a huge amount of damage to the nation. The team gave an example by changing the status-alert light on the control interface of a power plant from Green to Red, which could trick someone into
20
This could be a new strain of computer-based Ransoming.
What's Even Worse? The hacker could log the pixels generated by the monitor and effectively spy on the target users. The pair warns that this issue does not limit to just Dell monitors, but also potentially affects one Billion monitors all over the world, given that all of the most common brands have vulnerable processors. However, there's a downside to this attack. These type of attack is pretty easy to detect, as the image on a screen does not load nearly as fast as it would have before being infected. So it's possibly not the most efficient way to manipulate things quickly on the computers of victims, who are sitting in front of their computers all the time.
THE EEEA REVIEW
Ever wondered how much damage a computer virus can do? Let us give you a compelling example. MyDoom•is considered to be•the most expensive virus in the world• and in cyber security history, having caused an estimated financial damage of•$38.5 billion!
file in the system32 directory and launching it as a child process of the Windows Explorer); this is essentially the same backdoor used by Mimail. 2. A denial-of-service attack against the website of the controversial company SCO Group, timed to commence 1 February 2004. Many virus analysts doubted if this payload would actually function. Later testing suggests that it functions in only 25% of infected systems.
Mydoom, also known as ● W32.MyDoom@mm, ● Novarg,•Mimail.R•and ● Shimgapi.MyDoom
A second version, Mydoom.B, as well as carrying the original payloads, also targets the Microsoft website and blocks access to Microsoft sites and popular online antivirus sites by modifying the hosts file, thus blocking virus removal tools or updates to antivirus software. The smaller number of copies of this version in circulation meant that Microsoft's servers suffered few ill effects.
was first spotted in January 2004 and it became•the fastest-spreading email worm ever, exceeding all previous records. The virus’s origins are believed to be in Russia, but its author was never discovered. Mydoom is primarily transmitted via e-mail, appearing as a transmission error, with subject lines including
Origins: Russia Author’s identity : Hidden Systems Affected :Microsoft Windows First sighted on January 26, 2004 Fastest spreading virus of all time!
How it affects you and what can you do to get protected: Viruses such as MyDoom can be extremely dangerous, because if a cybercriminal gains control over your computer, there’s no telling if and how you may regain control over your device. Severe malware usually morphs and has a very low detection score, so antivirus solutions can’t detect it. You need a proactive solution that can work as a•supplement for your AV, scanning your Internet traffic and warning you when potential threats appear, while also blocking access to hacker controlled servers and keeping your data from leaking.
"Error", "Mail Delivery System", "Test" or "Mail Transaction Failed" in different languages, including English and French. The mail contains an attachment that, if executed, resends the worm to e-mail addresses found in local files such as a user's address book. It also copies itself to the “shared folder” of peer-to-peer file-sharing application KaZaA in an attempt to spread that way. The original version, Mydoom.A, is described as carrying two payloads: 1. A backdoor on port 3127/tcp to allow remote control of the subverted PC (by putting its own SHIMGAPI.DLL
21
THE EEEA REVIEW
Improving the Indian Cyber Security System By Shweta Kurian Since the evolution of the Internet as we know it today, we have harnessed the cyberspace to a lot of our needs. It is capable of providing wide-ranging assistance, the possibilites of which are ever increasing. The governance of this Cyberspace, however, has been inadequate especially in a country like India which boasts of one of the highest densities of Internet users. India is known to be a net information exporter. As technology is moving from the West to the East, the net information flows in the reverse direction, hence exposing vital information to the west. For example, say there is an overseas holding of information about Indian citizens and this system is attacked by a third party, Indian authorities will have limited jurisdiction over this breach on a foreign soil. Another limitation to cybersecurity in India is that although India has nearly 500 million Internet users, they do not access the Internet through the same kind of devices. Apple's market share in India is about 1% as opposed to 44% in the United States. There is a huge discrepancy in the security provided by high end phones and other phones. This poses problems in policy regulation over cybersecurity. India faces various digital intrusions which include espionage, cyber crimes, cyber war and cyber terrorism. The CERT (Computer Emergency Response Team) ranked India as the third most vulnerable country in Asia for 'Ransomware' attacks which are malicious attacks on a system which block access to the system until a sum of money is paid. And as more and more people are introduced to the Internet every day, these attacks are not only becoming more frequent but also more advanced.
up on this existing framework and dictate the working of this multi-agency. It must also address the criticality of cyberspace as an instrument of warfare and must set down guidelines for collaboration with the Military and other Ministries such as the Ministries of Defence, External Affairs, Home and IT. The framework must bring under its wing Intelligence gathering agencies such as the National Technical Research Organisation, the National Intelligence Grid, and the National Information Board, to name a few. These can aid in the working of the set-up Cybersecurity Agency. All the proceedings of the organisation must be reported to the PMO which must aid in the expenses of training and the subsequent recruitment of a cadre of highly trained cyber specialists. In addition, India must not only develop its defensive cyber operations but also must work towards expanding its offensive cyber capabilities. This will help in intruding and intercepting cyber attacks which are becoming more and more sophisticated day by day. There is a shortage of cyber specialists who can create and break encrypted platforms and who are technically proficient in defensive as well as offensive operations. This requires spending money in training of cyber professionals and harnessing the huge IT workforce in India. In establishing the revamped cyber security system, a lot of money will be spent; but the advantages of such a system far outweigh the cost factor. Under the new guidelines, India's military, civil and commercial infrastructure can be improved to the extent that India may become a cyber superpower.
The country is in need of a multi-agency, existing at the state as well as national level with permanent and non-permanent members and governed by a document outlining India's Cyber Security Policies. India's current cybersecurity is set by the National Cyber Security Policy loosely created by the Ministry of Communications and Information Technology in 2013 with a view to protect the data of individuals and corporations. The current policy does not give strategic guidelines for the protection of digital assets and crucial information infrastructure. The updated policy must build
22
THE EEEA REVIEW
Future of Cybersecurity By Abhinav Upadhyay,Third year,EEE
What would cyber security look like after a few years ? What does the future hold for the online protection of people and data? Will we still use credit cards and Social Security numbers in a decade or will they be replaced? Will advances in medicine be matched with progress in protecting personal health records? Will privacy protections be more robust or largely a thing of the past? Bottom line: How will technology impact our lives in the future, in positive and negative ways? These are important questions, and while there are plenty of cyber predictions for 2016, it’s also important to take a long-term look at emerging digital threats in order to address gaps in protection. One area that’s getting a lot of attention is the Internet of Things. Wearable and implantable technology, autonomous cars that drive themselves and network-connected household appliances are just the beginning. Most experts believe that a proliferation of smart sensors, cameras, software, databases and massive data centres will forever alter how we interact in our daily lives. Patrick Tucker, author of The Naked Future: What Happens In a World That Anticipates Your Every Move?, describes upcoming technology this way: “One positive effect of ‘ubiquitous computing,’ as it used to be called, will be much faster, more convenient and lower-cost medical diagnostics. This will be essential if we are to meet the health-care needs of a rapidly aging baby boomer generation. The Internet of Things will also improve safety in cities, as cars, networked to one another and their environment, will better avoid collisions, coordinate speed, etc. We will all be able to bring much more situational intelligence to bear on the act of planning our day, avoiding delays (or unfortunate encounters) and meeting our personal goals.” But others see this coming decade as an Orwellian time with more surveillance of our activities and less ability to not be tracked They wonder: Will citizens be able to opt out of interactions in cyberspace? What freedoms will truly be offered to Luddites?
A survey report :A recent survey conducted by the Pew Internet and American Life Project found that a significant majority of industry experts believe a major cyberattack will occur before 2025. This online attack was defined by “widespread harm to a nation’s security and capacity to defend itself and its people.” Could a catastrophic cyberevent shape our future? According to a 2014 McAfee survey, “68 percent of Americans are concerned about what the state of cybersecurity will be11 years from now. Nearly two-thirds of consumers stated identity theft, monetary theft and fraud as the biggest concerns. ... The study also revealed that as many as 77 percent of consumers fear their families could fall victim to hackers over the next decade. Almost half believe their families will be affected by cyberbullies in 2025.”
SECURITY SCENARIO RESOURCES I’d like to highlight three significant efforts that have looked at these questions in detail and offer excellent insights and some practical solutions. All three of these resources are worth a close examination: 1. Cyberspace 2025: Today’s Decisions,•Tomorrow’s•Terrain is available from Microsoft. This report offers several scenarios and allows the reader to evaluate the outcomes of various policy choices across a diverse range of domains — education, immigration and trade — and their implications for cybersecurity. 2. Cyber space future workshop. 3. U.S Airforce Cybervision•10 years from•now• :- A report about its advanced military priorities. Some experts even think robots with artificial intelligence may help solve our security problems. One final thought :-The latest reports put security back at the top of priorities .So,I guess while other technology items may change or even disappear, cybersecurity• will still be a top concern.
23
THE EEEA REVIEW
the internet's own boy By Kallol Chatterjee
CLICK OR SCAN ME TO KNOW MORE
24
THE EEEA REVIEW
What's up EEE? In this section we give you a brief idea about the events that take place in the EEE department.
25
THE EEEA REVIEW
The event started from 3:30pm. The first year students enjoyed the photo-booth session in the beginning of the event. A welcome speech was delivered by the HOD Mr. K. VIJAYAKUMAR . A dance performance was given by Notheka, a second year EEE student. This was followed by a music performance by Sonal, Debjit and Rishabh. Random people were picked from the crowd and tasks were given to them. An invisible man mime performance was given by a student. First year students then delivered mesmerising musical and dance performances. The first issue of the sports magazine was introduced by association heads. This was followed by two dance performances which delighted the audience. Selected dubsmash videos were played and the best one was awarded. An organized fashion show followed which was concluded with the announcement of Mr. and Mrs. Fresher for the evening. Harlem shake and simultaneous videography was enjoyed by the crowd. The event was concluded successfully with high spirits of enthusiasm.
26
THE EEEA REVIEW
27
THE EEEA REVIEW
The EEE Association came up with an idea of sharing their knowledge further by conducting classes where a particular topic was emphasized upon. The students themselves took an initiative to start these classes with the best in their lot to enlighten the others. The classes commenced on the 9th September. The classes were held two days in a week. They began at 5:00 pm and were done by 6:30 pm. The first class was an introductory class which was taken by Abhishek Iyer and Prateek Gulati, two out of the three heads of the Technical team of the association. Other people who helped in further classes were Shubhomoy Ganguly, Vishal Sehgal, Abhinav Upadhyay, and Shalini Halder. In one of our classes where we took up the topic of sensors, we discussed about the different types of sensors and its applications. Different types of sensors were given to the participants and they were asked to identify the specific parts in it. So, a practical session was conducted too where the students could experience a live demonstration. Coding is something that is required by any branch related to electronics. The Coding classes included topics where loop concept and similar topics were focussed on. This was a step which helped a lot of enthusiastic minds to gather the knowledge necessary for their future projects. And the association is looking forward to many such projects and classes.
28
THE EEEA REVIEW
29
THE EEEA REVIEW
30
THE EEEA REVIEW
WORKSHOP ON CYBER AWARENESS AND ETHICAL HACKING The workshop on ethical hacking and cyber awareness was held on 16 September, 2016 at ESB seminar hall. The workshop was conducted by Akash Thakur. The topics discussed in the workshop were: *Basics of hacking- definitions, related terms (like phising, click bait etc.), SQL injection, Advanced Persistent Threats( ATPs), DDOs. *Gmail account password hack. *Sniffer. *Spoof. *Eaves dropping. *Pawn check. *Fake calls. *Open wifi protection. *How to get secure password. *Frequecy modulation- radio antenna. * IoT hacking. He also discussed about the common mistakes made by people that can help hackers attack them and told everyone about the safety measures that should be taken to avoid hackers' attack. The worshop was successful in spreading cyber awareness among the students.
31
THE EEEA REVIEW
Arduino TV Annoyer Most of these projects are aimed at network hacking and information gathering, like any good hacking project, but this one, the DIY Arduino-based TV annoyer, is strictly for fun and laughs. Put simply, this little device will turn on TVs when you want them off, and turn TVs off when you want them on. Like a simple April Fool's gag
CLICK OR SCAN ME TO KNOW MORE
Install Android on an iPhone If you've got an iPhone, are a little bored with iOS, and you're interested in moonlighting with Google's Android operating system, you can dual boot Android and iOS side-by-side on your iPhone in a few relatively simple steps.
32
THE EEEA REVIEW
Highlights of the Month By Prateek Gulati
World's largest solar unveiled in Tamil Nadu
plant
Adani Enterprises on Wednesday commissioned a 648 MW solar power plant in Tamil Nadu, which it claims is the world's largest solar plant at a single location, with an investment of 4,550 crore. This is a part of the company's plans to achieve a solar power generating capacity of 3,500 MW by March 2017.
Google's Chrome OS update can run Android apps Google has released an update for its browser-based operating system Chrome OS that includes a beta version of the Google Play Store. The update, which is compatible only with Acer Chromebook R11 and ASUS Chromebook Flip laptops, lets users run Android applications besides standard web access. The update is expected to be rolled out to other Chromebook devices by 2017.
George Hotz unveils $999 kit to turn car self-driving The first known person to unlock an iPhone, George Hotz on Tuesday unveiled 'Comma One', a $999 kit that turns select cars to self-driving vehicles. The first product of his startup, named Comma.ai, when fitted into a car wouldn't require a driver to touch the wheel or the brake. Hotz will start shipping the kit by the end of 2016.
33
THE EEEA REVIEW
Here are the Association Core members. They will be in charge of the student body of the Electrical and Electronics department PRESIDENT
:
DR. K. VIJAYKUMAR
CO-ORDINATORS
:
Ms T.M. THAMIZH THENDRAL Ms S. USHA Ms A. GEETHA
VICE PRESIDENT
:
KOLLA SRIKANTH PRANAV BHARADWAJ (Technical) ALLADA SAI ROHIT (Sports) INDRANEEL PATHA (Finance)
TECHNICAL
:
SECRETARY
:
D BHARADWAJ
PR AND MEDIA`
:
AMIT KUMAR
PRATEEK GULATI ABHISHEK IYER
M V SAI PRAVEEN
DHRUV GUPTA CULTURAL
:
DIVYANSH SAWANT
SHIKAR SAHAI ANAMITRA BORA
SPORTS
:
MONISHA DAS FINANCE
:
DV NIKHIL
VISHAL DUBEY EMCEE
:
K NITHIN RAJ SETTY
:
DOCUMENTATION :
B KALAIVANI SHALINI HALDAR
PHOTOGRAPHY
:
:
ANIRUDH REDDY
NILESH PRANAY V NAVEEN SRI SAI
SPONSORSHIP
:
I SAI VARUN SANCHARI BANERJEE
RAJAN CHANDAK V ARCHANA IYER
DISCIPLINE CREATIVE
SOUPTIK CHAKRABARTI
PARTH SHARMA D NIRUPA ANGELIN
PUBLICITY
:
M MAYANK PATHAK SOUMYADIP
DESIGN
:
PIYUSH PRATIK
G SAI KAUSHAL DEEPAK REDDY
KALLOL CHATTERJEE
https://www.facebook.com/eeeassociation.srm/