An internal memo from India’s Military Intelligence that hackers have posted online suggests that manufacturers of mobile devices have provided “backdoor” access to the Indian government in exchange for access to the Indian market. The manufacturers, referred to collectively in the memo as “RINOA,” include RIM, Nokia, and Apple.
Indian blogger Manan Kakkar, who may have been the first to realize the implications of the memo, wrote late on Friday, “Earlier today I came across scans of a set of documents that are internal communications between the Indian Military. The documents claim the existence of a system known as RINOA SUR. While I did not find what SUR stands for but RINOA is RIM, NOkia and Apple. And this is where things start to get very interesting, according to the set of documents, the RINOA SUR platform was used to spy on the USCC—the US-China Economic and Security Review Commission.”
Scans of the memo can be viewed here.
According to its website, “The U.S.-China Economic and Security Review Commission was created by the United States Congress in October 2000 with the legislative mandate to monitor, investigate, and submit to Congress an annual report on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China, and to provide recommendations, where appropriate, to Congress for legislative and administrative action.”
The USCC has taken a particular interest in cybersecurity threats emanating from China, which may explain the Indian government’s interest in its deliberations. A story published by the India Times in October, for example, noted that “the bipartisan commission typically goes much further in publicly outlining perceived cyber threats to national security from Beijing than have U.S. administrations, which must deal with other issues on which China’s cooperation is critical.”
Kakkar also suggested a connection between the leaked memo and earlier reports of an attack on Symantec — the makers of Norton Antivirus — by a group of Indian hackers calling itself the Lords of Dharamraja.
A member of the group, known as Yama Tough, boasted at Google+ and Pastebin, “As of now we start sharing with all our brothers and followers information from the Indian Militaty (sic) Intelligence servers, so far we have discovered within the Indian Spy Programme (sic) source codes of a dozen software companies which have signed agreements with Indian TANCS programme and CBI.”
Photo by Research In Motion Limited (RIM) [CC-BY-SA-3.0 (www.creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons