This incident is extremely worrying because it involves diplomatic personnel working inwards the embassies that possess got ever been a favorite target of state-sponsored hackers launching cyber espionage campaigns.
Security pen-testers who larn yesteryear the advert Kapustkiy together with Kasimierz possess got claimed responsibleness for the hack together with told The Hacker News that the argue behind the hack was to forcefulness administrators to consider the cyber safety of their websites seriously.
In Pastebin link shared on their Twitter account, the hackers claimed to possess got hijacked Indian Embassy websites inwards Switzerland, Italy, Romania, Mali, South Africa, Libya, together with Republic of Malaŵi together with leaked personal details of hundreds of Indians, including students studying abroad.
The brace exploited a elementary vulnerability inwards the targeted websites inwards an endeavour to hit unauthorized access to the databases.
The Hacker News squad has analyzed those hacked sites together with flora they are vulnerable to SQL Injection vulnerability that allows an assailant to inject malicious SQL commands (payloads) to the spider web application together with pocket database containing sensitive information.
"We did it because their safety was poor, together with several domains related to the Indian Embassy had the same vulnerability. This proves that a lot of people tin john non trust the "Embassy." We promise that this occupation volition endure fixed inwards the future." hackers told The Hacker News via email.
"We did non create it for the lulz or something, but nosotros did but for them to pay attending to the issues amongst their crucial websites. Also, nosotros did non leak anything similar their existent address, metropolis or naught code, which is available inwards the database."The leaked information shows that the targeted websites are then insecure that fifty-fifty user together with admin passwords are besides stored inwards plaintext without whatsoever hashing mechanism.
Is Republic of Republic of India Prepared for Cyber Attacks?
However, it seems similar the Indian authorities did non accept the incident every bit a lesson to tighten the safety of its critical infrastructure that is all fourth dimension favorite target of dark chapeau together with nation-state actors together with could pose nation’s safety at risk.
Since yesteryear ii together with a one-half years, from when Narender Modi has come upward into mightiness every bit Prime Minister, nosotros possess got heard then much nearly Digital Republic of Republic of India Programme – an maiden championed yesteryear Government of Republic of Republic of India that aims at making all authorities services electronically available every bit good every bit providing high-speed Internet connectivity nationwide.
The Department of Telecommunications has stated multiple times that the Indian authorities is real serious nearly the cyber safety threats together with is taking all the necessary initiatives inwards this direction.
The maiden besides includes vision to broaden digital infrastructure inwards the reason amongst novel technologies, but then far nosotros possess got non seen whatsoever Earth score maiden to tighten upward the safety of at to the lowest degree websites that stand upward for diverse crucial authorities departments, agencies, services, together with programs.
Not convinced yet? Let me pose about stats to brand my betoken clear.
H5N1 written report from cyber safety companionship FireEye flora that 38% of organizations inwards Republic of Republic of India were exposed to targeted advanced persistent attacks inwards the start one-half of 2015, that's 23% increment from the previous report.
"India is fast becoming a strategic target, inwards business office because of the potentially sensitive information that is expected to endure digitized through ambitious together with high-profile projects such every bit Digital India," the written report stated.Last year, an annual written report from CERT-In noted that over 26,244 Republic of Republic of India websites were hacked, which includes hundreds of authorities websites.
Also, to a greater extent than than 35 Indian cardinal together with province authorities websites possess got lately been hacked yesteryear Pakistani hackers subsequently Republic of Republic of India did surgical strikes across the Line of Control (LoC), Economic Times reports.
Another survey says that cyber criminal offense incidences inwards Republic of Republic of India possess got drastically jumped inwards yesteryear year, amongst 72% companies inwards the reason falling victim to online attacks.
So far nosotros haven't completely tackled safety of our websites together with a stream of Internet of Things (IoT) cyber attacks possess got dramatically increased the threat landscape inwards yesteryear few months only, which should endure addressed immediately.
