Rohan Joshi and your truly have a brief in August 2011 edition of Pragati covering the “weird” compromise of National Security Guards’ website and the downtime of National Investigation Agency’s website.
Defacement of websites is a routine occurrence and usually not a cause of major concern, apart from the embarrassment caused by the negative publicity. However, unauthorised access to the email system is a different matter altogether. Depending upon the practices being followed, this could either have leaked encrypted digital communication between various officials in NSG and beyond, which would be of no practical use to the attacker, or could have revealed unencrypted emails discussing sensitive topics. The details have been sketchy but at least one media report states that the computer system used by an arm major-general had been ‘hacked’ into, as it was discovered that a number of “letters” were sent on the behalf of the general officer.
After the brief was sent off to the editors, the Minister of State for Communications and Information Technology, Sachin Pilot, told the Lok Sabha via a written reply that a total of 117 Government websites were defaced during the period January – June, 2011. With regards to the situation of the NIA’s website the press release goes on to say:
The reply further stated that the information on the website of National Investigation Agency (NIA) is temporarily disabled. Since the website of National Investigation Agency was not hacked, no inquiry in this regard has been conducted.
It has been a month since the website was taken down and it still is in the state of “maintenance“, which begs the question – why just the NIA website? It sure does looks like the site was compromised in some form or the other. Will we ever know the truth about what was compromised? Unlikely!