As per a recent report, as many as 40 websites belonging to some important government departments were defaced. The hackers have even displayed their preference primarily towards those websites having ‘.in’ Domain extension.
The report has even managed to collate and highlight the infamous groups responsible for the hack. This was perhaps possible since these hackers usually deface the website and leave behind their signature which acts as their stamp and ‘claim of responsibility’. Accordingly, the top defacers with whom India is fighting an increasingly difficult battle are ‘HuSsY,’ ‘hasnain haxor,’ ‘CouCouM,’ ‘BLACKSMITH HACKERS,’ ‘Romantic,’ ‘ALFA TEAM 2012,’ ‘Intruder’ and ‘Team Patriot’ among others. These talented yet ill-intended teams have so far broken-in websites predominately with extensions: ‘.co.in’, ‘.net.in’, ‘.gov.in’, ‘.org.in’, ‘.nic.in’, ‘.ac.in’, ‘.edu.in’ and ‘.res.in’.
What is the Government doing about it?
Fighting Security Threats is certainly not new for the Government. In fact, there are department setups for these exact occurrences. Besides setting up task forces, Government has routinely announced upgrading its infrastructure like moving up to IPv6 and other measures to thwart or subvert such attacks, but evidently, these measures haven’t proven adequate.
What do the hackers want?
Contrary to popular belief, the hackers don’t just deface the website, but have been known to execute other tasks like stealing passwords, injecting attacks codes, eavesdropping and other methods that capture information or get control access to the website. These not just compromise the website, but the data contained within the servers that host these websites also become prey.
A report released by IAMAI states that the budget allocation towards cyber-security was INR 42.2 Crores (US$ 7.76 Million) for 2012-13, as against INR 35.45 Crores in 2010-11. The Government though earmarks funds, they are peanuts and the losses are sky high. Do you think the Government of India should enhance budget or hire ethical hackers or maybe even approach Microsoft?