Data from police sites leaked on darknet, prone to abuse
BENGALURU: Crucial data of at least 382 Bengaluru citizens has been found on the Darknet, vulnerable to theft and misuse, after hackers broke into websites of the Bengaluru City Police. The leaked data include passport numbers, names, residential addresses, phone numbers and email IDs. Email IDs and passwords of police officials were also leaked on the Clearnet.
This leak was discovered recently by cyber security experts from CyberSafe Bangalore, an information technology security consulting company that works in the fields of vulnerability and threat management, cyber crime, forensic investigation, cyber terrorism and the Darknet.
Gagan Jain of CyberSafe explained to City Express, “If I am a person who has applied for a passport and my details are with the hacker, he can open a bank account in my name and buy narcotics. Should the cops get wind of it, the crime will be traced to me although I had no part to play in it. As for the police officials’ email ids, even if their passwords are changed since the hack, the email IDs are enough for hackers to spoof information.”
And here is the more worrisome part: while CyberSafe experts were able to extract only one file containing data of 382 Bengalureans, they say there could be innumerable such files on the Darknet. They also discovered that this data was accessed after police websites were hacked in 2014 and 2016.
Experts say this data can be used to impersonate anyone whose details are on the data dump, right from the innocent Bengalureans to top-level police officials, for a range of disturbing activities — funding terror activities, indulging in illegal drug trafficking, flesh trade, or even opening bank accounts to siphon off funds.
Especially disturbing is the discovery that although some of the data is on the Clearnet, much of it is on the Darknet, a kind of anonymous internet which cannot be accessed through normal browsers such as Chrome, Firefox, etc., and is known to be used by terror organisations for cyber warfare, drug trade, prostitution and counterfeiting. One can even purchase leaked bank account details, create fake passports and driver’s licences, and procure guns and hit-men using the Darknet. The Clearnet, on the other hand, is what we use on a daily basis for surfing social media, work, education and entertainment purposes.
Gauthami B E, a cyber security expert with CyberSafe, says, “Passport details of people can be used to create fake bank accounts or use the person’s existing bank account to fund terrorism. A cyber criminal pretending to be a resident of Bengaluru can commit money-related crimes such as card skimming and phishing, hire hit-men and buy drugs. At this point, identity theft to defame a company or individual is a bigger threat than financial crimes.”
POLICE OFFICIALS’ DATA EXPOSED
In the hack dump, Jain found official email IDs and passwords of top police officials, including DGPs, IGPs, ADGPs, DIGs, SPs, DSPs and more. “The hacker can do things as dangerous as get hold of a cop’s Twitter handle through this leak and post provocative messages online. They can also leak security-related data to foreign countries,” Jain says.
HOW EASY IS IT?
Asked how easy or difficult it was to spot this leak, Jain says, “SQL injection (a hacking technique where malicious code can be entered in the website) is a vulnerability found usually in websites. For someone who understands the technology, it is easy to get hold of the data.” Deputy Commissioner of Police (Crime) Ram Niwas Sepat said, “I don’t look into these matters.” M D Sharath, Deputy Superintendent of Police in the Cyber Crime police station, refused to comment.
DIFFICULT TO TAKE DOWN LEAKED DATA
On the Clearnet, a user might use Chrome to log on to Facebook, where their real IP address is recorded. On the Darknet, the TOR browser is used, where the original IP address is passed through 7 IPs (proxy servers) before reaching the site. Cyber security expert Tobby Simmons, founder-president of the Synergia Foundation, says it is difficult to take down data from the Darknet, but it is possible to take it off the Clearnet with intervention from state authorities. As for prevention of leaks, Simmons says, “This is the hard part – it is not possible to prevent leaks. Leaks can happen anywhere – perhaps through a vendor. The challenge is to be aware of such vulnerabilities and plug them as soon as possible.”