Full Disclosure mailing list archives
Re: 100 Embassies and governments hacked in global security breach
From: "hack the gov" <hackthegov () googlemail com>
Date: Fri, 31 Aug 2007 18:33:30 +0100
http://www.timesnow.tv/Newsdtls.aspx?NewsID=2382 Key Indian websites hacked 8/31/2007 2:04:30 PM 'DEranged security' offers over 100 email accounts and passwords of government organisations across the world In a startling development of a major cyber security breach, a Swedish hacker, who has managed to hack into emails of Indian embassies in the US, China, Germany, Belgium, among others, has triggered a million dollar question on the issue of cyber security in India, or rather, lack of it. The issue has raised much-debated question of inadequate cyber laws in India and the government's lax approach towards cyber crime and cyber security. The Sweden-based hacker has also managed to hack the emails of the National Defence Academy (NDA) & DRDO officials. The hacker has reportedly posted email ID's and passwords of 100 email accounts of embassies & government offices across the world including 13 Indian establishment on his website -- www.derangedsecurity.com It is still unclear as to how the passwords were accessed by the hacker as he has posted his name on the web as Dan Egerstad from Malmo in Sweden. Logging on to the website allows users to access key emails of several Indian embassies across the world. The mail-box of the administration officer of the National Defence Academy and a director of the Defence Research and Development Organisation has also been hacked.. "I WAS JUST CHECKING THE SYSTEM" Meanwhile, TIMES NOW managed to get in touch with the alleged hacker -- Dan Egarstam -- and spoke to him as to how he stumbled on to the critical information. Speaking on the issue and clarifying his stand, Dan Egarstam said:"I just stumbled on to this information. It's very easy to get the information. I published the information in a bid to get some attention on the security loopholes and getting it fixed." He further added:"I don't think that what I have done is illegal and I have never hacked into anything. Moreover, I haven't logged into any of these accounts, however, I do have access to emails but that is because poor security. Once in a while, you do stumble on to some information on the internet. Usually, I contact the people involved and tell them how to fix it, however, in this case I didn't really think that I could --probably, the Indian government would not have listened or if they would have, they would have charged me with cyber crime." TIMES NOW ACCESSES INFORMATION In a bid to confirm the facts, TIMES NOW has been able to access several of these emails using data from the website. Email account of NDA accessed by TIMES NOW had details of purchases made by the NDA. GOVT OFFICIALS REACT And reacting to the TIMES NOW story, the Govt sources have alleged that there is a contingency plan to protect govt property in the cyber world and it is pending with the decision makers in the Home Ministry. The sources further claimed that each case of hacking has to be analyzed separately. Sources also claimed that hacking is done with various motives and they are trying to establish the motive in this case. Moreover, it's also learnt that the National Informatics Centre is working on a plan to ensure safety and security of govt property in the cyber world. Plans are afoot by the government to sensitize various govt departments and ministries to strengthen security systems to protect websites and other material in the cyber world. However, precautionary measures are already in place in case of such instances. A body called NTRO - National Technical Reserach Organisation -- was established in 2005 as a premier organisation gathering technical intelligence for the Government of India. The main role of the NTRO is to ensure and suggest safeguards for government property on the world wide web. NTRO is also in charge of handling technical surveillance. After the Naval war room leak, the Ministry of External Affairs has reportedly tightened security measures and also have disallowed any confidential information to be put on email. WHAT CYBER-LAW EXPERT HAD TO SAY? Commenting on the issue, the cyber law expert, Pawan Duggal, said:"We have some basic challenge in this case. The first being that the hacker is located outside the physical boundary of India so the Indian law would not apply. Clearly, in this case it will take a long time to get him to India so virtually we have no effective remedy in this case. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- 100 Embassies and governments hacked in global security breach hack the gov (Aug 31)
- Re: 100 Embassies and governments hacked in global security breach hack the gov (Aug 31)