December 26, 2006
New Delhi: According to an analysis by the Department of Information
Technology India remained an Internet hacker's paradise in the first
half of 2006.
A survey conducted by Computer Emergency Response Team (Cert-In) shows
that till June this year, 39 '.gov.in' sites were defaced, which is 15
per cent of the total number of hacked sites in the '.in' domain while
81 '.co.in' websites were defaced.
The Emergency Response Team at Cert-In handles computer security
incidents in India.
Of the total 1,752 Indian websites defaced, 67.5 per cent were '.com'
domain websites and 15.9 per cent were '.in' websites.
There has been a phenomenal increase in the '.in' domain (India
specific) defacements. The first half of 2006 saw 278 '.in' websites
being defaced - the majority of these were commercial websites.
This is a huge leap from 2005, when the number of websites that were
defaced in the whole year amounted to 373.
A high number of Country Code top level domain sites -- .co.in, .net.in,
.gov.in, .org.in, .nic.in, .ernet.in, .ac.in and .res.in -- were defaced
with commercial sector contributing 68.3 per cent of the defacements and
Government sector had a share of 27.3 per cent of this.
Three Indian Government sites were also defaced on the VSNL network were
-- www.fmc.com, www.railnet.com and www.ieg.com.
Government officials have told PTI that most defacements result from
hackers using pre-fabricated exploits to gain administrative control of
the target system and then replacing the web pages hosted on the system
with their own systems.
On rare occasions, attackers may not have had an opportunity to gain any
user-level privileges on the target server but were able to take
advantage of poorly written web scripts or vulnerability of web servers
to carry out the defacement.
Subscribe to InfoSec News