Cat Techie

Thursday, August 26, 2010

Warmongers, rejoice. The war is on and how. Those who were relieved that there was no cross-border firing during Independence Day week might be surprised. India and Pakistan are fighting a silent war in cyberspace. In the past week, hacker groups from the two countries have defaced thousands of websites, sent trojans (viruses) to government-operated 'safe' networks, and planted spyware in the bureaucracy's email servers.
According to cyber experts, more than a thousand websites were hacked into and defaced on August 14 and 15, when Pakistan and India respectively celebrated their Independence Days. The day came as a nightmare for some website owners from the two nations. Pakistani hackers were the first to strike on August 14, when they defaced Indian sites. Indians returned fire the next day.
Hackers from both nations hacked into rival websites and posted flags of their countries. Two Pakistani groups, the Pak Cyber Army and PakHaxors, took the lead. As per Zone-H data, these groups have defaced around 10 to 20 websites. The counterattack from the Indian side was led by Indishell and Indian Cyber Army, who claim to have defaced 1,226 Pakistani websites.
In retaliation, the Pakistani hackers intensified the volume and nature of the attack, resulting in the hacking of the official website of UB group chairman and Rajya Sabha MP Dr Vijay Mallya.
"This is a payback from Pak Cyber Army for the defacement of Pakistani sites! You are playing with fire! This is not a game, kids. We are warning you one last time, don't think that you are secure in this Cyber Space. We will turn your Cyber Space into Hell," the hacked site read.
The Pakistan Cyber Army alleged that HMG, a group of Indian web hackers, had hacked Pakistan's official and important websites in the past. Since 2007, the Pakistan Cyber Army has hacked into several sites, including that of Oil and Natural Gas Corporation Ltd. Statistics from the Computer Emergency Response Team, an official Indian government organisation that looks into computer security in the country, reveal that more than 4,300 Indian websites were hacked between January and June 2010.

National days are favourite dates

Cyber crime experts say days of historic importance are a favourite with hackers. "There has been a sudden increase in the number of attacks this week, and the reason could not have been anything other than I-Day. Even the message posted by hackers from both countries carried a tone of jingoism and hatred. Now, hackers have begun expressing their rage on 7/11 and 26/11 too. Zone-H site, where hackers post hacked website screenshots, shows more than 1,000 websites," says cyber crime expert Sunny Vaghela, who assists security agencies in solving cyber crime cases.

What differentiates the cyber war between India and Pakistan from that played out in other countries is the intent. "Elsewhere, attackers may try to steal data or acquire complete control over the infected system and its network. But in the case of India and Pakistan, it's more a display of power and skills. Most of these hackers are young, between 17 and 22, all school and college students," says ethical hacker Ankit Fadia.

"In the West, hackers use botnets (groups of computers they have infected with malicious software) to launch an attack. India may not face this grave a problem yet, but it's not long before we could see a high-intensity attack on a website or network that controls economy, transport and communication," says Himanshu Tiwari, cyber crime expert with New Delhi Cyber Cell in Gurgaon. If someone hacks into the system controlling railway crossings, for instance, it's a disaster waiting to unfold. That's reason enough for ordinary Indians to wake up to vulnerability. But at the moment, nobody seems to care much.
According to Fadia's findings, Pakistani hackers are younger and often better than Indians, since they have defaced a larger number of websites. Several of them are based out of Pakistan, but their IP addresses vary from Cardiff in the UK to Texas in the US. Pakistani hackers differ from the Chinese, in that the Chinese hacker works like a spy and enters your computer without letting you know he is monitoring your every move. China has been bombarding Western networks, especially in the UK, for the last 10 years.

What's the modus operandi?

The typical route that hackers take is to attack a shopping website from where they can steal credit card details, following which they buy 'play tune' coupons from the iTunes website. The coupon contains secret codes, using which they can buy songs and movies off the site. Hackers usually sell tickets online in countries where direct iTunes purchase is not available. While selling them, they dish out fake Paypal account details, which they operate using proxy servers of foreign countries, so that they don't get tracked easily, explains Tiwari. And the most crucial skill of the hacker is his ability to cover his tracks.

More VIPs in queue

It's not just Mallya who is on the hacking radar. Since August 15, hackers from both countries have launched mass website defacements resulting in the hacking of Prime Minister Dr Manmohan Singh's website too. All websites of the Rajasthan Government were hacked into by Pakistanis on August 19, 2010, thanks to a loophole in their state transport website that shares a server with other sites, leaving it vulnerable.
"Pakistani hackers enjoy showing off their might, so they go for sites that get decent traffic. Hacking government websites or those belonging to VIPs is the best way to flaunt their prowess," says Vaghela, who reported the matter to the Rajasthan Government.

Type of attack

What's a DDOS attack?

A Distributed Denial-of-Service (DDOS) attack commands other computers to bombard a particular website with requests for data, causing the site to hang. The flood of incoming messages to the target system forces it to shut down, thereby denying service to legitimate users of the system.

A hacker begins a DDOS attack by exploiting a vulnerability in one computer system and making it the DDOS 'master'. It is from this master system that the intruder identifies and communicates with other systems that can be compromised. The intruder loads cracking tools available on the Internet on multiple compromised systems. With a single command, he can instruct the controlled machines to launch one of many flood attacks against a specified target.

Estonia suffered it

In 2007, a group of Russian hackers launched a DDOS attack on Estonia, bringing government, banking and media networks to a halt. ATM machines went dead, and traffic lights didn't work, leading to total chaos.

Active Pakistani hackers community

>Pak Cyber Army



>Anti-India Crew (AIC)

India is represented by

>ICW (Indian Cyber warriors)

>ICA (Indian Cyber Army)

>HMG (Hindu Militant Group)


Who was targeted?

>Indian Prime Minister Dr Manmohan Singh

>UB Group Chairman and Rajya Sabha MP Dr Vijay Mallya

>Sadooq Rizvi, Managing Director of Biggdigital (.com), a Bandra-based search marketing service. His site was hacked by a Pakistan-based group that called itself PAKISTANI HACKERS PREDATORS PK

>On July 9, the Mumbai police server cybercellmumbai (.com) was hacked by a Pakistan-based group calling itself Mafia Boyz
