The Homepage of BSNL ( Bharat Sanchar Nigam Limited ) http://www.bsnl.co.in/ was hacked today morning by hacking group Anonymous. BSNL is an Indian state-owned telecommunications company, the largest provider of fixed telephony and fourth largest mobile telephony provider in India, and is also a provider of broadband services.
The website's homepage was hacked saying, " Hacked by Anonymous India, support Aseem trivedi (cartoonist) and alok dixit on the hunger strike, remove IT Act 66a, databases of all 250 bsnl site has been deleted.............Do not think of BACKUP" with a images of Mr. Aseem while he was arrested by Police.
Hack was performed by Anonymous India hacking group and claiming to hack whole server, with 250 Databases. Hacker wrote on deface page, that they deleted all the databases and dump credentials of BSNL database servers in a pastebin File.
Analyzing the dump of database
After analyzing the dump of database login information, we found that company is really unconscious about their security from several years and choosing passwords of sensitive servers like "Password123" , "p3nib2", "enquiry999" , "password" , "DelBSi666" , "vpt123". Most obvious, these passwords are easily available in any wordlist and can be bruteforced in minutes.
We can judge the lack of security from the point that, BSNL is using "Password123" as password for 9 Databases.
What is Section 66A of IT Act ?
According to Indian Laws, Section 66A of IT Act is Punishment for sending offensive messages through communication service --
2.) any information that is grossly offensive or has menacing character or any information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred or ill will, persistently by making use of such computer resource or a communication device.
3.) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such message.
Why Anonymous Hack BSNL ?
Reason 1 : Last Month two girls - Shaheen Dhada and Rinu Shrinivasan - were arrested for posting comments made by them on Facebook against Maharashtra Navnirman ShivSena chief Raj Thackeray. This arrest was under Section 66A of IT Act.
Reason 2 : The Mumbai police arrested Mr Trivedi, a member of the India Against Corruption or IAC, he had put up banners mocking the Indian Constitution during an Anna Hazare rally in Mumbai. The arrest was carried out on the basis of a complaint filed by Amit Katarnayea, a legal advisor for a Mumbai-based NGO. Trivedi has been booked under IPC Section 124 A for sedition, Section 66 A of IT Act and under National Emblem Act, 1971. Here are some of the controversial cartoons posted by Trivedi, followed by a nation-wide protest.
Reason 3 : Its an old reason , Against Censorship ! Few days back The Web site of Communication and Information Technology Minister Kapil Sibal was also hacked by Anonymous India for same reason.
Because all databases has been deleted, BSNL website is down at the time of reporting this news. For those who miss to check the hack page, can Go to Google cache URL.
Update : Trivedi and Alok Dixit have launched an indefinite hunger strike to protect freedom of expression and speech on the internet at Jantar Mantar since Saturday.
The 25-year-old cartoonist is back in action, and this time he is agitating against the arbitrary use of Section 66A of the Information Technology Act, as evidenced by the recent spate of arrests for online comments and emails that "cause annoyance or inconvenience".
|Trivedi and Alok Dixit on indefinite hunger strike|
They want Section 66A of IT Act to be scrapped. "The section gives sweeping powers to the government, which are being misused by influential parties and politicians. With its vague definition and clauses, it is infringing upon the basic rights of citizens as prescribed by the Constitution," said Trivedi to TOI.