Comments
Share this article
Print
Email
It is not why always numbers fascinate me, but when I see them staring at me, the only thing on my mind is to share the same feeling with you. This time, the numbers belong to a website hosted on some US server and believe me they are more horrible than what I told you last time.
According to “zone-h.net” if you go on that website and search in the archives for the number of government sites hacked since four years, it might show you a page enlisting a number of such websites, and when you look down to see another page, well there is a long list of 25 more pages waiting to be read.
In all, there are more than 500 websites that have already been hacked, defaced and have also undergone re-defacement since the network revolution started in India, and all these are just government websites.
And what happens when you try to find out the total number of Indian websites, excluding the government ones, your mind might just blow out. Now, coming back to the relatively normal state, we are today going to discuss about website hacking in India, and the changing trends with which the government is unable to keep up.
From the same site, the most recent hacked list of Indian government website showed a horde of government websites of Rajasthan state, which got hacked, as well as were re-defaced just the last month.
And if someone might have checked the list a bit further, the income tax website, which is mythically believed to be the most secure one, was hacked in daylight, without those people having a hint about it.
And when this information was told by me, the RBI had enough courage to reply back to me with a smiling face. And when the same thing comes on some research done by university students of US, only then the government thinks of taking adequate steps.
So, is the government really secure of this attacks or the government has only got people withtheoretical education without having any knowledge on practical issues going around.
Every day we here some Pakistani or Chinese hackers defacing the websites, like they themselves own them, like they know the exact coding of these Indian websites, and the government knows it from some research done by US grad students, while it has an unlimited resource to create its own cyber army to encounter them and keep updating them.
But, again the government is way too stubborn to look into these, and still believes in the myth that firewalls can protect their website. There is vacuum, in the police force employed by the government, as they are not up to the mark to tackle the ongoing changes. Nowadays, attacks are occurring within the application layer while the government and police force still waste their time monitoring some firewalls.
Enough defacing of the government, and let us move forward to some logical and ethical solution coming out of this discussion. There are many key points to be discussed here, I will just bullet them out for you such as:
-Keep yourself updated through various sites, and keep on checking with the vulnerabilities of sites around you, or more importantly on your server.
-When a hacker hacks into a website, not only that website, but all those websites hosted on the same hard disk become open and vulnerable for his attack, for this whenever a website is made, it should have the SSL certification, which will make the site secure.
-One should get penetration testing done, once in a while and on all sites hosted on their server. Penetration testing is a way in which ethical hackers hack into websites, expose the vulnerabilities and report them to the website owners, with the necessary changes in coding that may even out the vulnerabilities.
-Only some minor changes may easily secure and avoid such attacks, because the hackers from outside country are way too dumb to hack that hard in our sites, unless we let them too. So, coding programs and workshops should be held by government showing ways to tackle small and big vulnerabilities by changing the style of coding.
-Government should organise workshops for trained and educated professionals on Information Security making them aware about the nuances.
sunny@sunnyvaghela.com