BENGALURU: A group of Pakistani hackers has said they have hacked 7,070 Indian websites and released a list of names early on Tuesday. The hackers are no experts, say cyber security specialists, but are ‘script kiddies’ or those who don’t write their own code and use existing scripts to hack into websites.
Each of the websites has the logo of the hacking group, Pakistan Haxors Crew, and a song “Ae watan tera ishara aagaya, ar sipahi ko pukar aagaya…” (Oh nation, we’ve received your signal, every soldier has got his call(ing)…” begins to play with a scroll that reads, “Tum ne socha tha, hum ne kar dikhaya” (You thought, we’ve done it). The group has in the past hacked websites of Tata Motors, AIADMK and Taj Mahal, and on Tuesday, said, “There is more to come.”
While most of them are non-government websites, experts say this indicates how vulnerable Indian websites are to such threats. According to information from the communication and information technology ministry, 1,490 government websites have been hacked between January, 2010, and December, 2015. The data for this year is yet to be compiled.
“I’ve seen their post. They are not even proper hackers. They are what we call script kiddies, people who use existing computer scripts to hack into computers as they lack the expertise to write their own,” says Mirza Faizan Asad, legal head, Global Cyber Security Response Team. And, if people who cannot write their own code are hacking into websites, the damage by real hackers would be greater.
One of the worst instances of the hacking of a government website was in August, 2013. The Electronics Corporation of India Ltd (ECIL) website was hacked by ‘PhrozenMyst’, who allegedly stole sensitive data pertaining to the Indian Space Research Organisation (Isro) and Bhabha Atomic Research Centre (Barc). The hacking of government websites saw a decline from 2013. However, in 2015, the number went up.
Aravind Prakash, associate professor at Binghamton University, US, said, “There is always a school of thought that will argue, ‘why can’t we buy software’? But one must understand that you cannot trust these companies that we buy from to provide a vulnerability-free software or system. Intrusion or hacking happens when there are vulnerabilities.”