Advertisment

Expert moots approach to fight hackers

author-image
CIOL Bureau
Updated On
New Update

NEW DELHI, INDIA: Loopholes in Post Office Protocol (POP) could have helped the alleged Sweden-based hacker, who targeted websites of embassies and government offices across the world, including 13 Indian accounts.

Advertisment

The Indian accounts hacked included that of the Defence Research and Development Organisation (DRDO). Most of these accounts held classified information.

According to Amuleek Bijral, country manager of RSA (Security division of EMC), hacking incidents were now quite prevalent, though such instances got media attention only when such attacks came to light.

In a separate development, the Bank of India website was also hacked last week.

Advertisment

“A lot of attacks go undetected where information is siphoned out through Trojans and worms. Government sites have vital and sensitive information, and this information in the hands of the wrong person could be dangerous. The key to ensure information security is foremost to frame the right policy measures,” Bijral told CyberMedia News.

He opined that sensitive organizations should adopt a proactive approach rather than a reactive one.

“We still witness that the basics of a strong password are far from adhered too. The right approach here both from a technology as well as security policy standpoint is to enforce two-factor authentication,” he added.

Advertisment

About 100 accounts were attacked by allegedly a Sweden-based hacker last week. Top on the list of passwords that have been posted on http://derangedsecurity.com give access to email accounts of Indian Ambassadors to China, US, Sweden, Germany, Italy, Oman, Finland besides officials of the National Defence Academy and DRDO.

Other accounts included those of the embassies of Uzbekistan, Iran, Afghanistan, Pakistan, Japan, China, UK and Russia.

Similarly, accounts of NDA and DRDO officials revealed their phone numbers, commercial documents, official correspondence and personal mails. The account of the Indian embassy in Germany contained a query by two IIM (Calcutta) students about safety in the wake of recent racial abuse cases in West Germany.

However, it was unclear how the passwords were accessed by the hacker – who has posted his name on the website as Dan Egerstad from Malmo in Sweden.

He claimed that he wanted to expose the chinks in security.

tech-news