The term hacking is generally perceived to be a western concept in India and Indians feel that they are immune to cybercrime. Nevertheless, the history of hacking in India is not obscure given the rage of ‘Legion’ spreading like a wildfire.
In today’s world of Information Technology (IT), it has become easy for all and sundry to access information, data storage etc. Due to increase in the number of netizens, misuse of technology in the cyberspace was clutching up which gave birth to cybercrimes at the domestic and international level. Cybercrimes comprise of various layers and divisions such as cyber stalking, defamation, hacking, email spoofing, cheating and fraud, cyber terrorism and so on. But our point of interest here is hacking in the Indian context.
India has experienced hacking in the past. Legion is not the first hacking group to remind us of our poor cyber security. There have been cases in the past which have exposed our security systems wide open but mostly done by people from our country in order to warn us about the incapability of securing public data and databases safely.
One of the most infamous and old hacking group is GForce, a group of anonymous hackers based in Pakistan, known to have fought Pakistan’s first cyber war with India back in 1997. The group, critical of India and its claim over Kashmir, have confessed of hacking several Indian sites run by the Indian government, private companies and scientific organisations. Data says that India spends only 0.08 percent of their technology budgets on security compared to the global average of 5.5%.
Former CBI Director R.K Raghavan said that a number of cases hacking of Indian internet sites have been traced back to Pakistan. According to him cybercrime is the crime of the future. President of India’s National Association of Software and Service Companies Dewang Mehta conceded that uniform laws against cybercrimes which involves abuse of computer systems has made cross-border prosecution of hackers tough.
One of the most infamous cases of hacking in India is by AnonOpsIndia, an arm of Anonymous India. In 2012, the website of Bharat Sanchar Nigam Limited, www.bsnl.co.in, was breached. The homepage carried a message saying the hacking was done by the hacktivist group Anonymous India in protest to section 66A of the IT Act and in support of cartoonist Aseem Trivedi’s indefinite hunger strike at Jantar Mantar for the same. The website was restored on that very day. Shockingly enough, BSNL was said to have set its password as ‘Password123’ to protect its website.
Another major incident of hacking was the security breach of the systems of various banks including the likes of ICICI, HDFC, SBI, Axis and Yes Bank. This is considered one of the biggest ever financial data breaches that the country has witnessed which involved cases of sufferers reporting about unofficial transactions sourcing to China.
Around 2.6 million affected cards belonged to the Visa and Mastercard platform, while 600,000 on RuPay. Card network companies NPCI, Mastercard and Visa warned several banks in India about a potential risk of hacking. Accordingly, SBI took measures and acted immediately on that warning by blocking cards of several customers. Almost all the above mentioned banks advised their customers to change their ATM PIN, with HDFC suggesting customers they change the PIN only at home ATMs because they believed that other non-HDFC ATMs may not have had been equipped enough to be at par with their own security controls.
The agony does not stop here since a report released by the Indian Computer Emergency Response Team (CERT-In) revealed that a total of 90, 119, 252 and 117 government websites were hacked in the year 2008, 2009, 2010 and 2011 respectively by various hacker groups.
Effective measures are need to be taken against the onslaught of cybercrimes especially hacking since it is not only difficult to trace such crimes but also to detect and book criminals since the laws have not kept pace with technology.
Special stress needs to be given to security features while developing computer systems since it’s difficult to attribute guilt because the act of encroaching upon and tampering virtual data may not be specifically provided for in law. Government is aware of this situation which needs legislation in the area of cybercrimes and accordingly the expert agencies have managed to draft laws. Determining the ills of computer crimes, the CBI has taken a very proactive lead by preparing itself with a Cyber Crime Unit as a panacea to this virus.