New victim in India-Pakistan 'cyberwar'
The "cyberwar" between India and Pakistan has claimed another victim, with the hacking of a high-profile lawmaker's website that experts say highlights the woeful lack of Internet security in South Asia.
A group calling itself the Pakistan Cyber Army said it hacked into the website of independent Indian MP Vijay Mallya, a flamboyant liquor baron, who is also head of Kingfisher Airlines and the Force One Formula One racing team.
"This is payback from Pak Cyber Army in return to the defacements of Pakistan sites!" the message on www.mallyainparliament.com said, according to Indian media. "You are playing with fire! This is not a game kids.
"We are warning you one last time. Don't think that you are secure in this Cyber Space. We will turn your Cyber Space into Hell," the message added, warning of "revenge" if Indians hack any Pakistani websites in retaliation.
Mallya, who also owns Indian Premier League cricket outfit the Royal Challengers Bangalore, has vowed to take up the matter with the government in New Delhi and police.
Security analyst Ajai Sahni dismissed the hacking, which coincided with Independence Day celebrations on both sides of the border at the weekend.
"They hack through any number of sites every year. It's just a bunch of kids who have got nothing better to do," said Sahni, the executive director of the Institute for Conflict Management in New Delhi.
"The more serious threat is not this kind of childish prank but Pakistan's use of net-based communication for actual terrorist operations," he told AFP.
The Pakistan Cyber Army claims to have hacked a number of Indian websites in recent years, including India's state-run Oil and Natural Gas Corporation, in retaliation for Indian hackers accessing Pakistan sites.
It is the latest in a tit-for-tat campaign by groups on both sides dating back to the late 1990s when tensions over the disputed Himalayan territory of Kashmir brought the nuclear-armed neighbours to the brink of war.
Indian IT specialists said they were unsurprised at the latest incursion because of the lack of awareness about Internet security across the country, including in the corridors of power.
"It's non-existent," said Vijay Mukhi, a self-styled Internet security "evangelist" in India's financial capital Mumbai, who writes on computer technology.
Indians place little or no value on the kind of data individuals and organisations in many countries prefer to keep confidential, like passport and bank account details or work contracts, he said.
"Privacy is a concept not rooted in India culture. I don't think we can change that and I don't think it's going to change in my lifetime," said Mukhi.
"The government doesn't care" about protecting information online, he said. "Corporates for some reason just don't want to spend the money. They don't think it happens often.... Web security is a low priority."
Arun Prabhudesai, who writes about business and technology issues, said the ease with which websites can be set up is adding to the problem -- and will only get worse as more Indians get online.
"The people who do it don't have enough knowledge of security. That's why Vijay Mallya's site got hacked," he said.
According to the Indian Computer Emergency Response Team, a government agency that tracks IT security issues, more than 3,600 Indian websites were hacked in the first six months of this year.
Canadian researchers in April pointed the finger at a China-based network for stealing Indian military secrets via a "Trojan" virus as part of an elaborate cyber-espionage scheme targeting computers worldwide.
Prabhudesai said software to find "back doors" into websites is easily available and many of India's growing number of IT specialists have themselves taken to hacking, although more out of curiosity than malice.
Computer security firm Symantec said India had a surge in malicious activity in 2009, sending it from 11th to fifth spot on the list of sources of Internet security threats, including viruses and spam.
(c) 2010 AFP