[ISN] World war on world wide web
InfoSec News
isn at c4i.org
Mon Dec 12 03:16:56 EST 2005
http://www.hindustantimes.com/news/181_1570499,0035.htm
Mayank Tewari
New Delhi
December 10, 2005
The battle is virtual and is as good as a real one. It's a fight to
prove how powerful a hacker can be when it comes to breaking into
secure Indian websites and servers. In one corner of the ring stands
the group of international hacker with names like CyberLord, fatal
error and Suicide Scene. In the opposite corner stands the Indian
security establishment with a bunch of unnamed patriotic hackers who
scout the web for any new activity and alert the government.
In the last week of November, international hackers defaced some 230
Indian sites -having domain names ending with .in. A week later more
than 1000 Linux based web servers were hacked ain a single attack by
international hackers. Over 250 of these servers were located in
India.
In the month of August, the websites of four IITs - Mumbai, Guwahati,
Kharagpur and Chennai - were hacked and defaced by a group of
Pakistani hackers who call themselves the Jubni team. The hackers
claimed that some of the members of the group are Majeed, Jubni,
Zohaib, Pak Brain, Mian Walian and Ch33ta. The ire of the group was
directed towards India, USA and Israel.
The beginning of September sounded alarm bells for the security
agencies. A friendly hacker emailed senior government officials about
a Pakistani hackers. plan to deface all defence websites on September
5 - the day the 1965 war broke out. The warning was received on
September 2 and all defence websites were made more secure. Three
days later, there were repeated attempts to break into our servers but
the timely tip off saved the day.
Sources in the government informed that it is common for hackers to
supply intelligence to the Indian government. "There is a network of
hackers where information about a lot events and Internet incidents is
exchanged. We could be forewarned about a worm being propagated in
some part of the world that may hit Indian servers soon.
Based on the input we device patches and post them on our sites for
everyone else to download and use. This impact of any cyber attack is
thus neutralised to a great extent," said a government source. The
website in question is www.cert-in.org.in.
However not everyone pays heed to such security advisories. The CERT
had issued an advisory in August 2005 about the Linux attacks that
happened last week, but little attention was paid to it.
Sources inform that such that awareness levels are so low in India
that instead of sending email alerts of expected hacker attacks typed
letters are sent out to various states informing them to heighten web
security and in the wake of such intelligence.
"It is to our credit that despite all of these drawbacks we are able
to fight international hackers very well," said a government source.
The Computer Emergency Response Team (CERT) also shares intelligence
with similar bodies of other countries and is able to generate timely
inputs.
More information about the ISN
mailing list