Malaysian Hackers Target Indian Websites in Retaliation

Malaysian Hackers Target Indian Websites in Retaliation

Between Wednesday and Sunday last week, a hacktivist group calling itself DragonForce Malaysia claimed responsibility for targeting and defacing at least 70 Indian government and commercial sector websites, which makes data protection become a hot topic again.

According to the national daily Times of India, the organization justified the attacks as retaliation for anti-Muslim statements made by a now-suspended spokesperson for India’s ruling Bharatiya Janata Party.

Malaysian DragonForce

On Friday, the hacktivist group said in response to Nupur Sharma’s apology on Twitter on June 5 that “Words and apologies don’t appear to have the desired impact. We don’t care about your apologies.”

The operators of DragonForce Malaysia’s Telegram channel issued a recruitment message for Operation Patuk, also known as “OpsPatuk.” On Saturday, DragonForce Malaysia made a similar declaration on Twitter, citing over 70 websites that it claimed to have targeted. Educational institutions such as Delhi Public School and Nagpur’s Institute of Science are among the accused victims, as are travel and logistics businesses S.M. Transport Services and R.R. Logistics, as well as government websites such as the Indian Embassy in Israel. According to an investigation of the Internet Archive Wayback Machine by Information Security Media Organization, a statement released by the group on Twitter appeared on the Indian Embassy of Israel’s website on Friday.

More Suspected Victims

In a video posted on Telegram on Friday, the gang claims to have stolen and exfiltrated data from the Bharathidasan University Entrepreneurship, Innovation, and Career Hub. The institution did not react promptly to ISMG’s request for verification of the claim. Its website appears to be under maintenance at the moment, with a countdown timer and a statement indicating that it will be back up in roughly two days.

On Sunday, the organization announced that it had hacked into an undisclosed Indian government database, including images of people’s complete names, passwords, and email addresses.

ISMG’s request for verification of the claim was ignored by the Indian Computer Emergency Response Team and the Ministry of Electronics and Information Technology.

Mandatory Six-Hour Reporting

None of the entities, including the government, have verified the assaults. Beginning later this month, enterprises must disclose data breaches to the Indian Computer Emergency Response Team within six hours of their discovery (see: India to Set 6-Hour Breach Reporting Requirement).

Critics such as Google, Apple, and Facebook have expressed alarm about the reporting requirement, writing to CERT-IN in May to voice their worries about the short reporting period and the need that firms keep full log data for 180 days.

This still demonstrates that cybersecurity cannot be accomplished in a day or two. To secure your system and data, you must begin with the most basic backup and data disaster recovery. A virtual machine backup solution is an excellent option. It can easily safeguard regular commercial and personal data.

READ MORE: All You Need to Know About Solar Panel Systems