The recent hacking of CBI's website by a group called 'Pakistani Cyber Army' has raised questions over the safety regulations of servers provided by National Informatics Centre (NIC), the organisation responsible for maintaining government servers.
The Hacker News

While the NIC maintains a studied silence over the entire issue, sources in the security establishment say that the safety mechanism of the NIC was not up to the mark and several reminders were being sent to them for upgrading their hardware.
The official website of the CBI was hacked by the 'Pakistani Cyber Army' on the intervening night of December 3 and 4. The CBI had yesterday registered a case against unknown persons in this connection.
A report "Shadows in the Cloud" by a Canadian think-tank comprising "Information Warfare Monitor" and "Shadows Server" earlier this year said there was evidence of a cyber espionage network that compromised government, business and academic computer systems in India, especially the office of the Dalai Lama.
According to a Canadian firm, which investigated the hacking of the Dalai Lama's computer, as many as 12 computers of NIC had been hit by the Chinese hackers.
The report said the recovery and analysis of ex-filtrated data, including one that appears to be encrypted diplomatic correspondence, two documents marked "Secret", six as "Restricted", and five as "Confidential". These documents are identified as belonging to the Indian government.
"However, we do not have direct evidence that they were stolen from Indian government computers and they may have been compromised as a result of being copied onto personal computers.
"The recovered documents also include 1,500 letters sent from the Dalai Lama's office between January and November 2009. The profile of documents recovered suggests that the attackers targeted specific systems and profiles of users," the report said.
The sources said besides reports by well-established think-tanks, there were several notes drawing urgent attention of various key ministries about possible intrusion by hackers either based in China or Pakistan trying to infiltrate into the computers.
Agencies have also cautioned against the practice of connecting official computers and laptops with unsecured Internet connections by some bureaucrats thus compromising security.
With hackers mainly from China very active and having penetrated deep into the cyber space, the security agencies had asked all ministries especially the defence, external, home and the Prime Minister's office (PMO) to separate their official computers with those with Internet facility.
The recommendations of the central security agencies seem to have gone unheeded as an official maintained that their suggestion was only recommendatory in nature.
The National Technical and Research Organisation (NTRO) also circulated a do's and don'ts to key ministries recently after attempts from hackers were noticed.
Against the backdrop of concerns over checking of crucial official websites, security agencies have been continuously warning the government about the use of multitasking BlackBerry instruments by some of the officials working in sensitive ministries including the Prime Minister's office.
A quick random check was carried out earlier during which it was found that some of the officials in the PMO were using BlackBerry services and had linked their official emails on the handset, which is not allowed.
The problem dogging the cyber space in the country is constant use of official computers by officials in key ministries despite a warning from security agencies not to link them with the Internet.
Security of many of the computers in the ministry of external affairs and its missions abroad was compromised with forcing a security audit of the machines and segregating the virus affected ones out of the system.
The ministry of home affairs has a separate server for its computers and there have been no attempts to hack its system since it has another server with Internet facility. A surprise check of all the computers is being carried at regular intervals.
The Canadian think tank, in its report, clearly pointed out that there was "evidence" of links between the Shadow network and two individuals living Chengdu in People's Republic of China to the underground hacking community.
Giving details, the report said the the GhostNet system directs infected computers to download a Trojan, known as ghost RAT, that allows attackers to gain complete,
real-time control.
These instances of ghost RAT are consistently controlled from commercial Internet access accounts located on the island of Hainan, People's Republic of China.
"Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras.
"China is actively developing an operational capacity in cyberspace, correctly identifying it as the domain in which it can achieve strategic parity, if not superiority, over the military establishments of the United States and its allies.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.