In a major cyber attack, several domains of the Indian embassy database were at the receiving end of a major cyber-attack on Monday. The incident compromised personal details like names, telephone numbers, as well as email IDs of people of Indian origin.
The source of the hack, according to reports, originates from the Netherlands. Two hackers allegedly from the Netherlands claimed to have broken into seven Indian High Commission websites, publishing online the login details, passwords and database containing names, passport numbers, email IDs and phone numbers of people of Indian origin.
Reacting to the development, MEA Spokersperson Vikas Swarup said,
We are aware of the problem and are trying to fix itVikas Swarup ,MEA Spokersperson
The hackers with Twitter names Kapustkiy and Kasimierz acted when the embassy ignored their warnings about their less-than-safe internet structure, to prove the danger posed to its diplomats. They subsequently dumped the database on Pastebin.com (which later removed the details).
The Indian embassies in countries like South Africa, Libya, Italy, Switzerland, Malawi, Mali and Romania are said to have been affected by this cyber attack.
The extent of the attack raises serious questions over the existing strength of web security, especially for highly designated personnel like diplomats. The hack has made confidential personal details of the diplomats available to everyone on the internet.
According to the latest update, the embassy seems to have acted on the leak by shutting down the Indian embassy websites in the affected countries. This kinds of attacks have become a common affair lately. This attack has acted as an unofficial security drill for the organisations.
SQL (Structured Query Language) injection is one of the most widely exploited web application vulnerability used by hackers to steal data from online businesses’ and organisations' websites.
This web application vulnerability is typically found in web applications which do not validate the user's input.
It wouldn’t be far-fetched to suggest that similar attacks in the near future could adversely affect the global internet landscape, leaving it vulnerable to the ‘dark side’.
(With Inputs from IANS, ehackingnews)
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)