KOCHI: Police have launched a probe into a suspected cyber attack wherein an unknown computer user accessed various credentials including username, password and email addresses after hacking into various websites and an app of Kerala Police.
Though no damage has been reported till now, cases have been registered at various police stations on the direction of the state police chief and an investigation has been launched into the incident.
An alert in this regard was issued to Kerala Police by Computer Emergency Response Team-India (CERT-IN). CERT-IN under the Minister of Electronics and Information Technology, Government of India, is the agency which carries out online surveillance, and deals with cyber threats. A detailed report was given by CERT-IN to Kerala Police detailing the IP address used by the perpetrator to access various websites and apps. Police officials are tight-lipped over the incident.
The Ernakulam North Police have registered a case under Section 43 of the Information Technology Act for illegal access and data theft. Cyber experts of the Kerala Police are in charge of the investigation.
According to sources, as per the alert from CERT-IN, the hacking took place before September 9, 2023. The hacker targeted computers at various police stations and related offices and accessed usernames, passwords and email addresses associated with Kerala Police.
It is suspected that the hacker stole details from websites like SPARK, Crime Drive, IAPS and web pages of various police stations. Apart from this, the hacker also accessed the CMO Portal where the public registers their grievances to the chief minister, and also the official app of Kerala Police- Pol-App.
Officials in the Cyber Cell revealed that hackers accessed police websites through the personal laptops of police personnel who log into various departmental websites from home or office for convenience.
“It was revealed that information linked to Ernakulam North Police Station was accessed after hacking into the laptop of a civil police officer who works at the same station. The officer used to log into police websites from his laptop for official works. We suspect that through the laptop of the police official, hackers accessed the credentials of the website. However, no information was lost. Similarly, user ID and passwords were not altered,” he said.
Cyber Cell officials expect the state police chief to come out with a circular to end the practice of cops logging into official websites and apps through their personal gadgets. During Covid lockdown period, various private companies regularly bore the brunt of cyber attacks after their employees used personal computers and laptops for office-related work. Most of these personal laptops lack anti-virus firewalls to keep hackers at bay.