
Indian BlackHat Group Defaces Pakistani Government Websites

January 22, 2012

The cyber war between India and Pakistan continues to escalate: only a few days ago, an Indian blackhat group, Indishell, defaced 30 Pakistani government websites, including pak.gov.pk, paknavy.gov.pk, sindh.gov.pk, etc. The attack was in retaliation for the hacking of the official website of the Bharatiya Janata Party (BJP) of Karnataka, which was defaced by a Pakistani blackhat group. We fear that this war is going to continue to rise in increasing numbers in the near future.

Prior to this attack, Indishell had already attacked other high-profile Pakistani sites. Indishell believes that the government of Pakistan is involved with various Pakistani attackers, instructing them to hack Indian sites. Indishell also left a notice for the Pakistani government as a message on one of the recently hacked websites.

The rivalry between Indian and Pakistani hackers has been going on for years now. It shows that the governments of both Pakistan and India fail to understand the importance of securing official and other websites from attackers. As a result, huge security vulnerabilities seem to exist that are extremely simple for attackers to exploit.

How did the situation get so bad? In all honesty, it’s the fault of the hosting provider and the application developer of the websites that got attacked. First of all, the hosting infrastructure should have been properly secured and segregated. Applications and servers should have been audited for security and hardened according to a standard. Blackhats tend to target the web application first and exploit it to access the server hosting the website. So it’s a jackpot for an attacker if he gets access to a server that hosts multiple sensitive websites. Following is a list of Pakistani government websites that were hosted on a single server (50.23.225.39-static.reverse.softlayer.com) that got attacked:


It’s very saddening to know that so many high-profile government websites are hosted at a third-party hosting provider and possibly even on the same server, a poor practice for websites that hold information of an extremely sensitive nature. This is the same server that hosts the websites of the National Telecommunication Corporation (NTC, www.ntc.net.pk), the official IT&T service provider for the Government of Pakistan, and the abandoned National Response Centre for Cyber Crimes (NR3C, www.nr3c.gov.pk). We wonder if these organizations actually noticed this defacement and decided to take security seriously. It’s never advised to put all eggs in one basket. Moreover, even when multiple websites are hosted on the same box, the server should be configured so that an attacker who manages to exploit one application still cannot access the server itself or the other websites.
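
One way to check the per-site isolation described above on a shared host, as an added example that is not part of the original post. The `Docroot` record, the `audit` function, the finding labels and the sample sites are all assumptions made for illustration; the check flags document roots that share an owning account or that other local users can reach.

```python
import os
import stat
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Docroot:
    site: str   # virtual host name
    path: str   # document root on the shared server
    uid: int    # owning user id
    mode: int   # permission bits, e.g. 0o750


def from_filesystem(site, path):
    """Build a Docroot record from a real directory on the host."""
    st = os.stat(path)
    return Docroot(site, path, st.st_uid, stat.S_IMODE(st.st_mode))


def audit(docroots):
    """Return sorted (site, finding) pairs for isolation weaknesses."""
    findings = []
    by_uid = defaultdict(list)
    for d in docroots:
        by_uid[d.uid].append(d.site)
        # Any r/w/x bit for "other" lets every local account, including a
        # neighbouring site's compromised application, reach this docroot.
        if d.mode & stat.S_IRWXO:
            findings.append((d.site, "world-accessible"))
    # Sites running under one account can read and modify each other's
    # files, so compromising one application exposes all of them.
    for sites in by_uid.values():
        if len(sites) > 1:
            findings.extend((s, "shared-uid") for s in sites)
    return sorted(findings)


# Constructed sample data, not taken from the server discussed above.
SAMPLE = [
    Docroot("site-a.example", "/srv/www/site-a", 1001, 0o750),
    Docroot("site-b.example", "/srv/www/site-b", 1001, 0o755),
    Docroot("site-c.example", "/srv/www/site-c", 1003, 0o750),
]

if __name__ == "__main__":
    for site, finding in audit(SAMPLE):
        print(f"{site}: {finding}")
```

On a real host, build the input with `from_filesystem` for each virtual host's document root; an empty result means each site has its own account and a docroot closed to other users.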
