CBI website hacked by PCA is still offline

Discussion in 'China' started by rizwan78, Dec 24, 2010.

  1. rizwan78

    rizwan78 Regular Member

    Joined:
    Aug 7, 2009
    Messages:
    283
    Likes Received:
    110
    :angry_10:
    http://www.thehindu.com/sci-tech/internet/article970566.ece
    Websites on the vulnerability list include that of National Archives, the Jammu and Kashmir government and Manipur government's Home Ministry.

    The recent hacking of the Central Bureau of Investigation's website by the so-called “Pak cyber army” has exposed gaping holes in the hosting of some important government websites. It is now official that at least 280 government websites, including that of the Navy, Supreme Court, High Courts of Bombay, Punjab and Haryana, Planning Commission, are “highly vulnerable” to such cyber attacks.

    Government sources told The Hindu that the National Informatics Centre (NIC) under the Department of Information Technology has found that around 280 websites of Central and State government agencies and organisations, hosted by it, are highly vulnerable to cyber attacks as they lack proper cyber security protocols. The NIC is reviewing security aspects of over 5,000 websites and portals.

    Vulnerability list

    Websites of other important government departments and organisations on the vulnerability list include that of National Archives, which is the repository of all non-current records of the Indian Government, the Jammu and Kashmir government, Orissa government's Right to Information portal, and Manipur government's Home Ministry. The websites of two important organisations – Food Corporation of India and National Fertilizers Ltd – are also under threat of cyber attacks.

    Department of Information Technology Secretary S.K. Sharma has directed NIC Director-General B.K. Gairola not to host any website which does not possess a security audit certificate from IT security auditors. These 280 government organisations have been asked to get their websites audited by December 31, 2010; else the hosting of their websites would be stopped.

    Notably, the CBI website, which was hacked on December 3, 2010, and is still not online, had not conducted security audit since 2007, making it a soft target for hackers.

    When contacted, Minister of State for Communications and IT Sachin Pilot said: “We have now made security certificate mandatory for all websites being hosted by NIC. Government departments or agencies can get their website certified by 50 auditors empanelled by NIC. We have asked all ministries, departments and public sector enterprises at both Central and State government levels to step up their cyber security efforts to avert any kind of hacking or attacks.”

    Mr. Pilot — who recently held a meeting with officers of the Department of Information Technology, Ministry of Home Affairs, Indian Computer Emergency Response Team (CERT-In) and NIC — further said they have decided to hold regular audits of all websites with respect to quality and security, prior to the hosting.

    “I have stressed the need to enhance the security of the websites in particular and cyber space in general. There has been a quantum jump in the number of Indian websites, from 1.7-lakh in 2005 to about 1 crore now. This has necessitated that all government agencies should pay close attention to cyber security guidelines followed by them. We are ready with comprehensive crisis management plan prescribed by CERT-In to prevent and deal with attacks on websites,” Mr. Pilot added.
     
  2.  
  3. maomao

    maomao Veteran Hunter of Maleecha Senior Member

    Joined:
    Apr 7, 2010
    Messages:
    4,498
    Likes Received:
    4,147
    Rizwan beta, for almost every Indian site there are atleast 100 pakistani sites gets hacked.....don't act smart because you are definitely:happy_2: not!!
     
  4. rizwan78

    rizwan78 Regular Member

    Joined:
    Aug 7, 2009
    Messages:
    283
    Likes Received:
    110
    Momao beta, web hacking is not a big case but the site remain hacked is most concerning........ is not it ? ..........
     
  5. Flint

    Flint Senior Member Senior Member

    Joined:
    Mar 10, 2009
    Messages:
    1,583
    Likes Received:
    25
    Is any essential business conducted through these websites? I doubt it. They will improve their security over time, but it's hardly a national crisis. Though it is embarrassing.

    As long as the actual functioning is not being impeded, or highly sensitive information is not being leaked it's okay
     
  6. Oracle

    Oracle New Member

    Joined:
    Mar 31, 2010
    Messages:
    8,120
    Likes Received:
    1,541
    Location:
    Bangalore, India
    We still believe in kagaj, kalam. Most of the sensitive documents are kept offline i.e. not wired to the world. And as fas as CBI website not being up till date, something big is going on behind the scenes, like massive upgradation and security patching. Or maybe setting up a honey pot.
     
  7. divya

    divya Regular Member

    Joined:
    Dec 16, 2010
    Messages:
    188
    Likes Received:
    3
    Location:
    delhi
    Lol do you know abcd of hacking. In order to hack the site first it will be needed to rooted. so once rooted our guys wont have access to the root that means we cannot bring down the site. since it is down that means that the hack is over and they are doing upgrades into the site.

    As far as hacking is concerned....Here is the list of your 880 websites which got hacked after that by ICA

    http://pastie.org/private/dzc4skukr0vnveujhijo7a


    oops this news of today morning

    http://www.thehackernews.com/2010/1...sNews+(The+Hackers+News)&utm_content=FaceBook
     
    Last edited: Dec 24, 2010
  8. maomao

    maomao Veteran Hunter of Maleecha Senior Member

    Joined:
    Apr 7, 2010
    Messages:
    4,498
    Likes Received:
    4,147

    Nadan Batche, defacing is not Hacking....taking away Data is what matters......that you people cannot even dream of......:happy_2:
     
  9. divya

    divya Regular Member

    Joined:
    Dec 16, 2010
    Messages:
    188
    Likes Received:
    3
    Location:
    delhi
    As far i have my sources say we had completely rooted their PTC server where all their government sites are hosted. so at any point of time we can bring them down. But alas i dont have links to proove that.

    At the same time CBI site was hacked by SQL injection attack which hardly had any security installed towards it. it was not a big deal. They were just able to upload their own pages and nothing else. They were not even able to deface the existing pages as they did not had access to them
     
  10. Virendra

    Virendra Moderator Moderator

    Joined:
    Oct 16, 2010
    Messages:
    4,674
    Likes Received:
    2,923
    Location:
    Delhi, India, India
    I read it on some forum here only that these were not actual hacks. The content/data of the site is safe, what happened was merely a redirect to a different bogus page. Like you send someone to a wrong address doesn't mean that you infiltrated the correct address.
     

Share This Page