Previous Post: Faceless cyber warriors [Vol-3]
Sumon Ahmed Sabir, vice president of Internet Service Providers Association of Bangladesh (ISPAB) and a cyber security expert in Bangladesh, opined that the security features are vulnerable in most government owned websites. ‘That is why a large portion of the websites hacked belong to the Bangladesh government. Not much of technical expertise is required to hack most of these websites which are very poorly coded. Skills and expertise are utilised when websites hacked are of professional standards,’ he said to Xtra.
A BCA representative said that hacking has become convenient in South Asia due to lack of proper security measures. ‘Of all the South Asian countries, India’s web security is at considerably better standard, with Pakistan coming at second and Bangladesh’s being minimal,’ he said, claiming that from all the South Asian countries, India’s hacker community is also the biggest.
He explained that as hackers use various proxy servers and, after each attack, the hacked server logs are cleared. ‘So, when cyber crime authorities check, they find that the server was accessed from various parts of the world,’ he said.
When Xtra asked the Bangladesh Telecommunication Regulatory Commission (BTRC) whether investigations are underway to identify hackers that defaced the Bangladeshi sites, Md Giashuddin Ahmed, vice chairman of BTRC, said that the government has formed a committee, including BTRC officials to take steps to stop the cyber war and other form of cybercrimes.
‘The committee has held two meetings and will suggest an action plan to stop such cyber crimes,’ he said. Giashuddin Ahmed added, ‘As per the government direction, a specialised team is closely monitoring online activities and contents of blogs and social networking sites to track online offenders,’ although till now, ‘no hacker has been traced so far and the operation procedure is yet to be finalised.’
Hackers are confident that during the so-called cyber war, ‘Bangladeshi hackers did not violate article 56 of Information Communication Technology (ICT) Act, 2006 of Bangladesh, as there was no financial loss or destruction of data while hacking the sites.’
Sub-section 1 of article 56 of the ICT Act, 2006 states, ‘If any person-- with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person, does any act and thereby destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means; damage through illegal access to any such computer, computer network or any other electronic system which do not belong to him; then such activity shall be treated as hacking offence.’
Sub-section 2 of the same article in the Act states, ‘Whoever commits hacking offence under sub-section (1) of this section he shall be punishable with imprisonment for a term which may extend to ten years, or with fine which may extend to Taka one crore, or with both.’
Sumon said, that while he cannot justify the practice of hacking of Bangladeshi and Indian websites, ‘the intentions of attacking the websites on both ends were not aimed at damaging them. They only removed some contents, put some images, used cursive words or shut it down temporarily. There was no intention to cause financial damage. The attack was aimed at generating propaganda.’
He continued, ‘The contents in our present ICT Act only protect us of local violations. Internet is something that goes beyond the territory. Hence, addressing online crimes is still a grey area. It could be someone sitting in the United States, using a computer server in India to initiate an attack on a Bangladeshi website. Under such circumstances, there is hardly enough evidence because the logs can be cleared. So, addressing the issue is still a very complicated process.’
***
Hackers further divulged that even when Pakistan and Indian hackers have been at each other’s cyber security since 1998, the hacker communities of Bangladesh and India always maintained a friendly relation.
The ‘ties’ were strained following spread of a 10-minute long video clip where BSF personnel stripped and tortured Habibur Rahman, a 22-year-old Bangladeshi cattle smuggler who had crossed the border to India. The clip was aired by media across the globe on January 18 and 19.
India claimed to have suspended the eight BSF personnel but did not apologise for the incident. On the other hand, Bangladeshi ministers said they were ‘not worried’ about the incidents at the border.
Adding fuel to Bangladesh public’s outrage on February 8, was BSF chief U K Bansal’s comment to the BBC that firing at India-Bangladesh border will continue ‘so long criminal activities would continue to take place’. The statement seemed to be in contradiction to Indian Prime Minister Manmohan Singh’s assurances, while visiting Dhaka in September 2011, that non-lethal measures will be taken against Bangladeshi suspects at the border.
‘After all this, the temporary deactivation of five Bangladesh government sites by Indian hackers seemed like a call for cyber war,’ said a BCA representative.
Implying that protests against border killings and the Tipaimukh dam construction is a form of ‘hacktivism’, Bangladeshi musician, blogger and cyber-activist Maqsood Haque said, ‘The moves by Bangladeshi hackers are signs of frustration as the Bangladesh government did not properly address these issues.’
According to Dhaka-based human rights organisation Odhikar, around 31 Bangladeshi nationals were killed by the BSF in 2011.
New York-based Human Rights Watch in a 2010-study claimed that more than 900 Bangladeshis and 164 Indians were killed by the BSF between 2000 and 2010 at the India-Bangladesh border. Poor Bangladeshi border residents smuggle cattle from India to Bangladesh as cattle prices are 35 to 40 per cent higher in Bangladesh.
‘It is tragic that despite taking legal actions against these smugglers, BSF shoots to kill them and our government does not even protest,’ lamented Haque. He continued that while tracking down hackers may be tough for authorities as hackers may be operating from 20 different Internet Protocols (IPs), ‘If apprehended the hackers may face severe repercussions.’
‘We are preparing the operation procedure that will be finalised on the third meeting of the committee going to be held on March 8,’ said Giashuddin Ahmed while speaking to Xtra last week.
Sumon Ahmed hoped that Bangladesh will learn from the recent incident. As the country is gradually becoming IT-enabled, ‘When transaction-based websites will emerge in the country that is when we will be affected most,’ he warned.
He pointed out that because of poor security on our web servers, other countries are becoming affected. ‘Hackers are using Bangladeshi servers as proxy or phishing sites to acquire passwords and usernames of prominent international banks and other e-commerce websites, which allow them to transfer money to their desired accounts. Just because we are not being affected, we are not being concerned. But such fraudulent websites are very common and we receive a lot of complaints from the CERTs (Computer Emergency Response Teams) of other countries,’ he added.
He concluded that although the word ‘hacker’ was not always a negative term, ‘Not all hacking is bad or should be considered so. Somebody identifying a bug or informing the authority is a noble job. Unless and until that bug is exploited to attack it is a good deed.’
___End___
Additional reporting by MH Kawser
by Syed Tashfin Chowdhury
Source: New Age Extra
0 comments:
Post a Comment