November 8, 2016 By Douglas Bonderud

With governments rapidly expanding online service capabilities, it’s no surprise that nation-states have begun to attack each other’s websites and databases to advance federal agendas.

According to The Hacker News, however, seven Indian Embassy websites were recently attacked not by nationalists or hacktivists, but by penetration testers who wanted government IT to “pay attention to the issues with their crucial websites.” This Indian Embassy hack exposed hundreds of personal records belonging to Indian citizens and students living abroad.

Penetration Testers Gone Rogue

When it comes to embassy cyberattacks, the most likely scenario involves another country either covertly or openly causing trouble to prove a point. As noted by Softpedia, for example, Turkish cybercriminals defaced the website of Russia’s Israel-based embassy in January 2016.

Additionally, The Express Tribune reported that actors known as Intruder and Romantic compromised seven Indian Embassy websites in June, taking down official functions and leaving pro-Pakistan messages in their wake. This latest embassy web attack, however, seems unrelated to any international conflict and was likely more a test of IT security.

The hackers, known as Kapustkiy and Kasimierz, claimed India’s IT defenses were “poor.” Multiple domains were vulnerable to SQL injection, enabling the actors to compromise the web app and steal sensitive information. They also discovered that user and admin passwords were stored in plaintext without any type of hashing — which is bad news for any site that records and stores personal data.

Indian Embassy Hack Exposes Hundreds of Records

According to The Huffington Post, Kapustkiy and Kasimierz were able to compromise sites in South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania. Once inside embassy databases, they stole personal information belonging to more than 500 Indian citizens, most of them students, and uploaded it to Pastebin.

Everything from names and passport details to phone numbers and email addresses was made publicly available, although it appears the hackers took the data down after a few days.

While the so-called penetration testers claim they “did not leak anything like real addresses, city or zip code,” according to The Hacker News, and their intention was simply to draw more attention to IT security on the affected websites, other nondisclosure avenues would have served the purpose just as well.

Lessons Learned

Regardless of their intentions, however, the recent Indian Embassy hack raises two important points. First, governments must adopt more proactive web security policies. Leaving embassy sites open to SQL attacks and storing passwords in plaintext presents an easy avenue of attack for even entry-level cybercriminals.

The rise of self-starter security professionals, meanwhile, means that governments must be prepared for security notifications that don’t follow the accepted pattern of “breach, report, disclose,” with disclosure only occurring if issues are not resolved in a timely fashion.

Put simply, if web systems aren’t secure when they go live, governments can expect to see citizen information posted on Pastebin and reported by IT security news outlets. That’s not exactly great national PR or good for citizens’ peace of mind.
