This incident is extremely worrying because it involves diplomatic personnel working in embassies, which have always been a favorite target of state-sponsored hackers launching cyber espionage campaigns.
Security pen-testers who go by the name Kapustkiy and Kasimierz have claimed responsibility for the hack and told The Hacker News that the reason behind the hack was to force administrators to consider the cyber security of their websites seriously.
In a Pastebin link shared on their Twitter account, the hackers claimed to have hijacked Indian Embassy websites in Switzerland, Italy, Romania, Mali, South Africa, Libya, and Malawi and leaked personal details of hundreds of Indians, including students studying abroad.
The pair exploited a simple vulnerability in the targeted websites in an effort to gain unauthorized access to the databases.
The Hacker News team has analyzed the hacked sites and found them vulnerable to SQL injection, a flaw that allows an attacker to inject malicious SQL commands (payloads) into the web application and steal the database containing sensitive information.
"We did it because their security was poor, and several domains related to the Indian Embassy had the same vulnerability. This proves that a lot of people cannot trust the 'Embassy.' We hope that this problem will be fixed in the future," the hackers told The Hacker News via email.
"We did not do it for the lulz or something, but we did just for them to pay attention to the issues with their crucial websites. Also, we did not leak anything like their real address, city or zip code, which is available in the database."
The leaked data shows that the targeted websites are so insecure that even user and admin passwords are stored in plaintext without any hashing mechanism.
Is India Prepared for Cyber Attacks?
Seven other High Commission websites in Tajikistan, Romania, Greece, Turkey, Mexico, Sao Paolo and Pretoria were hacked and defaced by Pakistani hackers.
However, it seems the Indian government did not take the incident as a lesson to tighten the security of its critical infrastructure, which is an all-time favorite target of black hat and nation-state actors and whose compromise could put the nation's security at risk.
For the past two and a half years, since Narendra Modi came to power as Prime Minister, we have heard so much about the Digital India Programme – an initiative championed by the Government of India that aims at making all government services electronically available as well as providing high-speed Internet connectivity nationwide.
The Department of Telecommunications has stated multiple times that the Indian government is very serious about the cyber security threats and is taking all the necessary initiatives in this direction.
The initiative also includes a vision to broaden digital infrastructure in the country with new technologies, but so far we have not seen any ground-level initiative to tighten up the security of at least the websites that represent various crucial government departments, agencies, services, and programs.
Not convinced yet? Let me share some stats to make my point clear.
A report from cyber security company FireEye found that 38% of organizations in India were exposed to targeted advanced persistent attacks in the first half of 2015, a 23% increase from the previous report.
"India is fast becoming a strategic target, in part because of the potentially sensitive information that is expected to be digitized through ambitious and high-profile projects such as Digital India," the report stated.
Last year, an annual report from CERT-In noted that over 26,244 Indian websites were hacked, including hundreds of government websites.
Also, more than 35 Indian central and state government websites have recently been hacked by Pakistani hackers after India carried out surgical strikes across the Line of Control (LoC), Economic Times reports.
Another survey says that cyber crime incidents in India have jumped drastically in the past year, with 72% of companies in the country falling victim to online attacks.
So far we haven't completely tackled the security of our websites, and a stream of Internet of Things (IoT) cyber attacks has dramatically increased the threat landscape in just the past few months, which should be addressed immediately.