Bangladesh-India Cyber War
Several postings in the social media including Facebook and LinkedIn have reported an ongoing cyber war between some hackers based in India and Bangladesh. The postings also confirm that the hackers from both the countries have mostly targeted government websites. The incidence of hacking has increased mainly due to some recent developments, including brutal killings by the Indian Border Security Force (BSF) at the Bangladesh-India border and India going ahead with the Tipaimukh dam construction against public opinion in Bangladesh.
Bangladesh Black Hat Hackers, Expire Cyber Army and Bangladesh Cyber Army have locked horns with Indian Cyber Army and Indishel. In last two days, groups from both the countries hacked hundreds of government websites of their rival countries, the social media reported.
In Facebook, the pages of those groups have also mentioned the names of the sites they have had hacked. So far, the Indian groups have accused that the Bangladeshi hackers have hacked over 6,000 of Indian websites while Bangladeshi hackers say the number of sites hacked by the Indian hackers is over 3,000.
Experts meanwhile said that faulty designs and fragile security made government websites an easy prey for hackers, experts say.
Several government websites have repeatedly been hacked in the last one year by local and foreign hackers. Though the sites were restored after a short while, experts fear they may be destroyed again if web security is not strengthened.
The Independent talked to a number of web designers and programmers and they said government sites were being hacked because of their poor design and maintenance.
Julfiqar Ali Bhuiyan, an award winning freelance web designer, told The Independent that the hackers chose government websites as their security features were not as strong as those of commercial websites.
“While designing a site for e-commerce, web security is given the topmost priority as there are economic transactions involved. But government websites are mostly designed to disseminate information, so the security aspect is mostly ignored,” he said.
Bhuiyan said the main problem with the country’s government website was that all of them were under one server. “So if the firewall of one of websites is breached, the rest get vulnerable too,” he said.
The government sites can be made safe through VPS hosting, which inherently provides greater security as it’s separated from other sites, he said.
“Also you can have customised firewalls and install other security measures that most of the hosts won’t allow on shared accounts. Basically, a VPS allows you to take a more active role in your website’s security,” he said.
Another programmer, however, said government sites don’t need costly VPS hosting to beef up their security. Just by downloading the newest versions and updates of Windows, WordPress and antivirus platform, the applications or website could be made hard to crack, he said.
The programmer further said that instead of open access scripting language like PHP, designers should go for suPHP. With suPHP, access is limited to the user or to those explicitly granted permission to access it, he opined.
Mahbub Jaman, president of Bangladesh Association of Software and Information Services (BASIS) said every government entity had dedicated personnel to maintain and update their websites. Unfortunately, one can find that the sites are neither updated at the front end (user view) nor at the back end (admin), he said.
“By maintaining simple practices such as updating any of the server security patches, changing the password at the admin panel on a regular basis and hiding the panel could make the sites stronger,” he said.