Peace for the World

Peace for the World
First democratic leader of Justice the Godfather of the Sri Lankan Tamil Struggle: Honourable Samuel James Veluppillai Chelvanayakam

Tuesday, November 8, 2016

India: 7 embassy websites hacked, data released online

Hackers reportedly breached Indian Embassies' websites to highlight vulnerabilities. Pic: Gualtiero BoffiHackers reportedly breached Indian Embassies' websites to highlight vulnerabilities. Pic: Gualtiero Boffi


 
THE websites of seven Indian embassies in Europe and Africa have been hacked and the data gleaned from them released online, as officials work to restore the sites and control the damage.
According to the Associated Press, the Indian embassies in Italy, Switzerland, South Africa, Libya, Malawi, Mali, and Romania had their websites breached by hackers, who have identified themselves only as Kaputsky and Kasimierz L.
External Affairs Ministry spokesman Vikas Swarup told reporters on Tuesday that officials are aware and are trying to rectify the problem.
The hackers released information on some embassy staff members online, including names, email addresses, phone numbers, and passport numbers. Officials are attempting to track their IP addresses.
Kaputsky was quoted telling the Hindustan Times: “We did it because their security was poor and as the Indian Embassy, they need to have better security.” He added that the websites were so vulnerable, “a six-year-old could breach it”.
The specific vulnerability Kaputsky pointed out is an SWL vulnerability, which allows hackers to insert malicious content into the website’s database using forms already existing on the website. They could also do so via the website code or email, and once the malware is in, the hacker has unobstructed access.
The Hindustan Times reports that the hackers claimed they were under 18 years of age and from the Netherlands.
Additional reporting by the Associated Press
***This article originally appeared on Tech Wire Asia