India Insights with Geetha Nandikotkur

Electronic / Mobile Payments Fraud , Incident & Breach Response , Next-Generation Technologies & Secure Development

Indian Enterprises Easy Prey for Pakistani Hackers

Why Have Website Defacements Become So Common?
Indian Enterprises Easy Prey for Pakistani Hackers

Indian organizations are easy prey for Pakistani hackers who are increasingly defacing their websites and sometimes blocking transactions as well. But what can be done to block these attacks? And what role can law enforcement play?

See Also: Key Trends in Payments Intelligence: Machine Learning for Fraud Prevention

A series of website defacements caused by Pakistani hackers who seem to have inserted a malicious page to prevent transactions have been reported in the regional news media.

Clearly, India's efforts to boost cybersecurity will be stalled until incident investigation and grievance handling mechanisms improve. 

The Pakistan-based hackers apparently are working with the support of hackers of Indian origin. For example, a Facebook page of Pakistani hacker "Faisal" shows Indian hackers congratulating him for successfully entering varied websites and jeopardizing businesses.

On August 2, the website of Canara Bank, one of the largest public sector banks, was allegedly defaced by Faisal, who inserted a malicious page and blocked some e-payment services, The Economic Times reports.

The hacker used a URL to insert the page but could not access data, according to the news report. The hacker, who unsuccessfully tried to disrupt tax payments by Indians, left a message: "Government of India website stamped by Faisal 1337. We are a team of Pak Cyber Attackers. Go Home Kiddo. Need Security? Contact me: www.facebook.com/Pakistan1337. Pakistan Zindabad".

After the incident, the Reserve Bank of India, in a letter marked "confidential," advised bank chairman to review funds in their banks' (overseas) nostro accounts and carry out hourly reconciliation of payment emails by comparing outward messages with SWIFT confirmation, according to The Economic Times.

Back in June, the Karnataka Police website was hacked by suspected Pakistani hackers, leaving a message saying: "Hacked by Faisal 1337. #police Website Pwned! Shame on your security."

Police say the hackers were trying to track the IP address. Before that, they were trying to replace the website to embarrass the government.

In October of 2015, the Assam police website was hacked, allegedly by FAISAL.

An official at India's Central Investigation Department says: "It is suspected that the hackers might have entered the server through the IP address, using some software to hide their actual IP address."

The hackers had defaced the homepage of the website and inserted a page with a picture of a burning Indian flag. They had also posted slogans like "Pakistan Zindabad," "Hacked by Faisal 1337," "We Are Team Pak Cyber Attacker," "Indian Official Website Hacked" and "Security is Just an Illusion". Following the attack, the website had to be temporarily shut down for restoration.

CID is continuing to investigate the Assam police incident under Sections 65 and 66F of the Information Technology Act 2000

Malware Plays a Role

The common aspect in all these cases has been the use of malware to deface the website.

In each case, website technological shortcomings permitted the hackers to complete their defacements, says Sanjay Sahay, additional director general of police for the Karnataka Police. "The present-day anti-virus is able to detect only five percent of the newly created viruses. If the human body had such immunity, no human being would've survived for more than a few years. That's the paradox of the systems we are dependent on and believe in," he argues.

Law Enforcement Challenges

One of the challenges involved in cracking down on foreign hackers is uncertainty over which Indian laws apply.

Mumbai-based cyber law expert Prashant Mali says law enforcement can register first information reports under section 43(e) & 43(f) with Section 66 of The IT Act, 2000, against an unknown person and carry out investigations until attribution of an attack is confirmed.

But attribution, which involves gathering evidence from other nations, is a challenge that requires the development of bilateral agreements, Mali says.

Delhi-based Rakshit Tandon, cybersecurity adviser to Uttar Pradesh Police, says it's a herculean task to track cyberattacks by foreign criminals.

Clearly, India's efforts to boost cybersecurity will be stalled until incident investigation and grievance handling mechanisms improve.



About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.