[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <a56479a50708311033x11a5aea1i98f59712fa223b94@mail.gmail.com>
Date: Fri, 31 Aug 2007 18:33:30 +0100
From: "hack the gov" <hackthegov@...glemail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: 100 Embassies and governments hacked in
global security breach
http://www.timesnow.tv/Newsdtls.aspx?NewsID=2382
Key Indian websites hacked
8/31/2007 2:04:30 PM
'DEranged security' offers over 100 email accounts and passwords of
government organisations across the world
In a startling development of a major cyber security breach, a
Swedish hacker, who has managed to hack into emails of Indian
embassies in the US, China, Germany, Belgium, among others, has
triggered a million dollar question on the issue of cyber security in
India, or rather, lack of it. The issue has raised much-debated
question of inadequate cyber laws in India and the government's lax
approach towards cyber crime and cyber security.
The Sweden-based hacker has also managed to hack the emails of the
National Defence Academy (NDA) & DRDO officials.
The hacker has reportedly posted email ID's and passwords of 100 email
accounts of embassies & government offices across the world including
13 Indian establishment on his website -- www.derangedsecurity.com
It is still unclear as to how the passwords were accessed by the
hacker as he has posted his name on the web as Dan Egerstad from Malmo
in Sweden.
Logging on to the website allows users to access key emails of several
Indian embassies across the world. The mail-box of the administration
officer of the National Defence Academy and a director of the Defence
Research and Development Organisation has also been hacked..
"I WAS JUST CHECKING THE SYSTEM"
Meanwhile, TIMES NOW managed to get in touch with the alleged hacker
-- Dan Egarstam -- and spoke to him as to how he stumbled on to the
critical information.
Speaking on the issue and clarifying his stand, Dan Egarstam said:"I
just stumbled on to this information. It's very easy to get the
information. I published the information in a bid to get some
attention on the security loopholes and getting it fixed."
He further added:"I don't think that what I have done is illegal and I
have never hacked into anything. Moreover, I haven't logged into any
of these accounts, however, I do have access to emails but that is
because poor security. Once in a while, you do stumble on to some
information on the internet. Usually, I contact the people involved
and tell them how to fix it, however, in this case I didn't really
think that I could --probably, the Indian government would not have
listened or if they would have, they would have charged me with cyber
crime."
TIMES NOW ACCESSES INFORMATION
In a bid to confirm the facts, TIMES NOW has been able to access
several of these emails using data from the website. Email account of
NDA accessed by TIMES NOW had details of purchases made by the NDA.
GOVT OFFICIALS REACT
And reacting to the TIMES NOW story, the Govt sources have alleged
that there is a contingency plan to protect govt property in the
cyber world and it is pending with the decision makers in the Home
Ministry. The sources further claimed that each case of hacking has to
be analyzed separately.
Sources also claimed that hacking is done with various motives and
they are trying to establish the motive in this case. Moreover, it's
also learnt that the National Informatics Centre is working on a plan
to ensure safety and security of govt property in the cyber world.
Plans are afoot by the government to sensitize various govt
departments and ministries to strengthen security systems to protect
websites and other material in the cyber world.
However, precautionary measures are already in place in case of such
instances. A body called NTRO - National Technical Reserach
Organisation -- was established in 2005 as a premier organisation
gathering technical intelligence for the Government of India. The main
role of the NTRO is to ensure and suggest safeguards for government
property on the world wide web. NTRO is also in charge of handling
technical surveillance.
After the Naval war room leak, the Ministry of External Affairs has
reportedly tightened security measures and also have disallowed any
confidential information to be put on email.
WHAT CYBER-LAW EXPERT HAD TO SAY?
Commenting on the issue, the cyber law expert, Pawan Duggal, said:"We
have some basic challenge in this case. The first being that the
hacker is located outside the physical boundary of India so the Indian
law would not apply. Clearly, in this case it will take a long time to
get him to India so virtually we have no effective remedy in this
case.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists