• 36,054

  • Advertisements

Hostage on the Net


It is very easy for cyber criminals, cyber terrorists and hackers to hijack a domain on the internet, or crack into a web server. The cracking tools are all there on the net itself.

Ever stopped to think how vulnerable you and your business is on the net? And did you ever realise that at any given point of time, there are probably thousands of online predators trying to pry their talons into your web server.

If you are still skeptical, here are some hard facts: According to Wired, Nike lost control of its homepage a few weeks ago to a group of activists demanding “global justice.” “Global Justice is coming – prepare now!” the erstwhile Nike.com site read, directing surfers to the website of an Australian organisation called S-11. Meanwhile, Web Networks, a non-profit ISP that hosts websites for other non-profit organisations, is still assessing the damage after losing its domain, Web.net, to a thief recently. A single day doesn’t go by with a few hundred sites losing their home pages to hackers, who disfigure them, either to post a message and make a statement or sometimes merely to gain some self-publicity.

A White House official recently confessed to a wire service that every day at least a hundred unsuccessful attempts to hack into the Pentagon, NASA or the White House are logged by the tracking devices and firewalls employed by these sites. Then again, ready-to-use programs that can cause a web server to `hang’ – a term called Denial of Service are easily available on the net. Utilities with names like Satan, Crack and Lucifer are widely used with ease by amateur hackers to do their dirty deeds. We have also heard reports of domain squatters who register popular domains and brand names, hoping to sell them to the original owners at a super premium later on. In India itself, business houses have been at the receiving end of cyber-squatters. Not just brand names, cyber-squatters also hijack popular personalities. PramodMahajan.com and Vajyapee.com are some examples. Some Mumbai-based youth managed to register a domain under the name of the IT minister. Last year, a porn site vajyapee.com was online for a short while before it disappeared into the fathomless depths of the internet. But it stayed long enough to cause adequate damage.

Domain takeovers enable the hijacker to control the server associated with a domain name, such as nokia.com or Nike.com. Hijackers can then reassign the domain name to another Web server, or to no server at all, scuttling all traffic intended to go to the site.

Another deadly issue is the use of Internet Warfare or the blocking of sites by hackers from warring or discordant nations. So you have domain-name hijackers taking over hundreds of websites in a campaign rooted in tensions among Balkan states – back home, Pakistani hackers have claimed to have identified over 800 vulnerable Indian sites, that can be blocked or hacked in case tensions between the two neighbours hot up. Individuals listing Serbian and Albanian postal addresses recently have exploited a weakness in registrar Network Solutions and appropriated names registered through the company, only to re-register them anew.

A simple method of IP address redirection, ensures that genuine cyber citizens are redirected to other sites before they end up at the URL or portal of their choice. This means that an online business would use this method to divert customers from other competing sites to their own site. Another method called Spoofing creates a facade or a dummy site on the web. Surfers are presented with a page that looks like the real thing, but is really a Trojan that conceals a payload. Hackers also use sophisticated `sniffing’ software and methods to detect IP addresses and packets that they sniff or decipher anonymously. The issue of prime concern is that such software is available for the asking on the Net – all free with the source code included that allows hackers to even change the original to include their own demonical creations. The free internet obviously seems to be serving cyber criminals as well.

This article was first published in The Economic Times and can be found online at:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: