JAIPUR: Individual and corporate internet users in Rajasthan, beware. You might lose all your data as Pakistan hackers are on the prowl. They attacked and defaced 31 government websites this year exposing the poor handling capacity of web servers by state government.
KhantastiC, a hacker who claimed to be a part of Pakistan Net Army (PNA) reported on 'zone-h.net' the number of 'Rajasthan.gov.in' domain named websites hacked by him since January 16, 2012.
It is estimated that over 70% of government websites are vulnerable to cyber attacks as they were never audited by any competent agency. Another striking feature is that the main domain Rajasthan.gov.in was attacked four times since 2004.
Pakistani hackers have uploaded a 'shell' on the vulnerable website to penetrate into the web server in order to extract information from the source. Ironically this vulnerability was already reported by Jaipur-based cyber crime expert Mukesh Chaudhary in the first week of January.
Senior government officials added that no action was taken on the report as the government failed to find out a capable agency person who could correct it. "It's tough to track down new-age hackers as they connect to Virtual Private Network of countries which do not record IP logs (tracking the user). It leaves users with no choice but to frequently change web security standards," added Chaudhary.
Rajasthan-based experts feel the scenario is very bad in the state. Most of the government and small and medium companies have failed the international standards for web security, not because the procedures are expensive, but because they are apathetic to go for certification.
Himanshu Tiwari, president of NGO 'Cyber Suraksha' explained the modus operandi. He says, "Hackers write codes to exploit a particular type of vulnerability. These programs called robots, continuously crawl over the internet." He adds that even advance Google search options are used to find such sites on the Internet. This also explains why institutes or websites which are not so famous also get hacked.
It is not necessary that the motive behind hacking is to steal data. Sometimes the hackers do it for fun.