Every few months, a “talented” group of hackers from either side of the border lay claims on defacing an Indian or Pakistan website.

The “rivalry” between India and Pakistan is considered to be an inherent part of both countries’ history and culture, influencing every field, from sports, movies to even marketing campaigns. It should therefore come as no surprise to the current tech-savvy crowd that cyber attacks have been added to this list.

Every few months, we hear about some independent and “talented” group of hackers – boasting colourful names like Pakistan Cyber Army, Indian Cyber Army, Pakistan Hackers Club, Pakhaxors, Predators PK, Hindustan Hackers Organisation and so on – defacing yet another Indian or Pakistani website. Mostly, the homepage is littered with poorly-worded patriotic statements and taunts that often provoke the other nation’s hacking groups to retaliate.

Although these attacks have been occurring intermittently since the late 90s, they seem to have escalated since the Mumbai terrorist attacks in 2008. While previously these hacks targeted popular but harmless websites, the trend has gradually moved to defacing major government and law enforcement websites.

Anatomy of an attack In this context, a cyber attack is usually triggered by some act of violence or aggression from the rival country. Within a span of hours, these groups of hackers locate a high-value website that doesn’t have adequate cyber security in place, and gains root access to the Web server by hacking into it.

The homepage is defaced and replaced with juvenile comments. Often, these hackers block visitors’ access to important information. Such acts, of course, lead to more cyber defacements, with the most “coveted” targets being government websites.

Some of the notable attacks from the recent past are listed below:

November 2010: A fresh round of the India-Pak cyber war kicked off last year when a group known as the Indian Cyber Army hacked around 40 high-profile government websites, including that of the Pakistan Army, Ministry of Education, Ministry of Finance, and the Ministry of Foreign Affairs. The apparent motive behind this was to protest against the Mumbai attacks.

The title page of these websites was imaginatively replaced with the famous World War II image of soldiers struggling to raise the US flag in Iwo Jima (of course, in this case, the Indian flag replaced the American flag).

December 2010: In retaliation to the attack mentioned above, the Pakistan Cyber Army (PCA) successfully hacked around 270 Indian websites with the most notable being of the high-profile Central Bureau of Investigation (CBI). Again, the homepage was vandalised with insulting comments regarding India’s cyber-security.

The PCA also promised that a widespread defacement of Indian websites would be carried out if further attacks [on Pakistani websites] occurred. The attack raised enough eyebrows for India to start a probe into Pakistan’s cyber attack capabilities and register a case against the PCA for hacking and defacing its official websites.

The Pakistan Cyber Army, however, soon released a statement calling for a ceasefire between the two countries’ hacking groups, insisting that they had only retaliated against the hacking of the Pakistani government websites by the Indian Cyber Army.

The group further said that not a single record from the CBI website database had been deleted or tampered with. Their plans to mass-deface Indian government websites had also been dropped. Ironically, they also advised the younger generation not to emulate them and instead focus on their studies.

July 2011: Although things appeared to have cooled off after the apparent ceasefire, the 2011 Mumbai bomb blasts once again triggered off cyber attacks, with the Indian Cyber Army defacing the popular Pakistani website Songs.pk. The message posted on the website warned “anti-Indians” that the group was “coming with huge speed,” and that “there will be no one to save” them.

September 2011: The website of the Supreme Court of Pakistan was hacked by a group of hackers that demanded stronger action to be taken against objectionable websites and made snide remarks about the Chief Justice of Pakistan. Soon after, the website of Pakistan Telecommunication Authority (PTA) was also hacked with the same protests advocated. What made this attack unique was that it was committed internally, showing that hacktivism was now a definite reality in Pakistan.

October 2011: The homepage of Criminal Investigation Department (CID), of the Indian West Bengal was hacked by a group calling itself the Muslim Liberation Army. Protesting against the killing of civilians in Jammu and Kashmir, the attackers demanded the Indian government take measures to stop such actions. Through analysis of the server logs, CID officials stated that they had traced the attackers to Lahore via a proxy server in the US.

Combating the “Armies” The attacks mentioned here is only the tip of the iceberg, but they all point to the fact that government websites are now in the cross-hairs of hackers – local and international. It is no secret that government entities are on an entirely different level from private organisations, with numerous bureaucratic hurdles in place for even the most trivial tasks.

However, cyber attacks occur in real-time and slow response to such attacks is unacceptable for any nation. Similarly, even a superfluous survey of government organisations will reveal that there is little awareness of information security among the employees, with security audits rarely being conducted.

The November 2010 attacks by the Indian Cyber Army revealed that all the Pakistani government websites shared the same server, indicating that once the hackers gained root access, defacing all of the 40 websites was child’s play.

Government institutions need to allocate proper budgets for the hiring and training of Computer Emergency Response Teams, and raise the level of security awareness among their staff. This is certainly no small feat, given the nature of government organisations and how the average government employee thinks!

Why bother? Although Pakistan is far behind in the concept of e-governance, this cannot last for long. Inevitably, as a nation, Pakistan must and will join the list of countries that have moved most governance-related activities to the Web, in order to facilitate its citizens.

Various initiatives like branchless banking for poverty-stricken people, Virtual University, and e-balloting are already becoming available. Needless to say, these require strong cyber security measures to succeed.

The immensely talented individuals in these hacker groups should come together and help secure their respective country’s digital assets, and start other, more productive projects to truly serve the nation.

But this won’t be possible until the Government of Pakistan realises that this enormous talent should be channelled into helping secure our own cyber infrastructure against future attacks. According to a recent news report, the Pakistan Military is launching a school in collaboration with NUST School of Electrical Engineering and Computer Science to educate new recruits about techniques for defence against cyber attacks.

It would, be a national blunder if the huge potential in these talented individuals continues to be wasted in such misguided acts of ‘patriotism’. Instead of using their skills to help their respective nations, they are wasting their time and talent by indulging in meaningless acts of “cyber graffiti”, where websites – due to no fault of their own – are vandalised.

Engaging in ego-driven battles across cyber space should be abandoned by both Pakistan and India’s hacking groups for the sake of prosperity of both nations.

Taimur Ijlal wrote this article for the December 2011 issue of Spider magazine.

Updated Dec 17, 2011 07:18am

More From This Section

Comments (16) (Closed)


Burhan Ahmed
Dec 17, 2011 01:07pm
Pakistan should have laws against hackings!
Sunny
Dec 17, 2011 01:37pm
Nice article!
Vidyut
Dec 17, 2011 03:08pm
Well said. It is the disenfranchisement of talent that leads to such waste. the same individuals can help design excellent security.
Hawkish
Dec 17, 2011 05:47pm
No we shouldn't have laws against hacking indian sites,
Papa
Dec 17, 2011 06:11pm
Could be some third country hacking both country systems & laughing thinking how easy it is to fool two stupid countries .
S. singh
Dec 17, 2011 06:56pm
Well said.
Irfan Ahmad
Dec 17, 2011 09:34pm
Great article. And yes, the talent-pool of both countries needs to be converged into something meaningful. Both the lands can do wonder once they are together.
matta
Dec 18, 2011 12:42am
actually website hacking is not a big deal and most of these guys are kids mostly based in UK, USA, Canada. do you think the real technocrats do his??? real hackers employed by the respective armies do more damage than these kids.
Swami Pranab Roy
Dec 18, 2011 01:01am
Nice article. I am an Indian but fully agree that the talented hackers from both sides should stop playing the ongoing negative games between the two countries. Time to be friend for ever.We are the best..we all know that. Isn't it ? _/_.
Ghalib
Dec 18, 2011 03:05pm
agree with Papa, if you see most of the time when we are fighting each other on youtube or facebook, it is the others who are having fun.
Waqas
Dec 18, 2011 04:37pm
Well I am impressed by ZHC Z Company Hacking Crew, which is hacking indian sites and protesting against indian occupation against Kashmir. Anyway... nice article :)
cann
Dec 18, 2011 06:53pm
Some would say great game. Life is about challenges.
TheTruthful
Dec 18, 2011 07:40pm
The kids on both sides of the border who do this are wasting their time. Why not do something useful for their respective countries? Hack into a local government website and expose money laundering and corruption? That would be the intelligent thing to do.
P.G.W.
Dec 18, 2011 11:57pm
Yeah ! Cos that's the only noticeable thing you can do in Cyber world.
Aamer
Dec 19, 2011 03:43am
On the contrary, both countries need to enforce stringent laws against such acts of cyber vandalism and put this "talent" where it really belongs - behind bars.
No Name
May 17, 2012 10:12am
I am totally disagreed that website hacking is an easy activity, simple defacement is not a big deal, but there are the addicted hackers who fight for an ideology out there. I myself, is a member of Pak Cyber Hunters, and ask us, how do we take struggle to do against objectionable sources online, however, I believe not to harm any innocent sites, is a good sense. Thanks