The Congress website and Twitter handle was hacked on Thursday, a day after hackers infiltrated party vice-president Rahul Gandhi’s account on the popular social networking site and sent out a barrage of expletive-laden messages.
The back-to-back incidents in a little over 12 hours put to question the country’s online security system at a time when the government is promoting digitisation in a mass scale, including in governance and electronic payment for goods and services.
Information technology minister Ravi Shankar Prasad assured the matter is being looked into very seriously.
“We are seeking the details of all those who logged in that Twitter account in the past one week to probe it further,” he said.
His assurance came after cyber criminals attacked the main opposition party’s Twitter handle, @INCIndia, website and servers, and threatened to publish private emails of Congress members. The posts were quickly deleted.
“We sincerely hope the Modi government will move expeditiously to not only probe and punish the guilty but also revisit the issue of digital safety,” Congress’s chief spokesperson Randeep Singh Surjewala said.
The party filed a set of complaints with the cyber cell of Delhi police.
The cyber cell of economic offences wing of Delhi police registered two separate FIRs under Section 66 of the IT law. Teams have been formed to investigate the hacking and Twitter was asked to provide log details of both accounts.
“We are taking help from officials in Twitter in Bengaluru,” joint commissioner of police Deependra Pathak said.
Though the Twitter handles of the Congress and Gandhi were restored, the party’s website continued to be down till late Thursday night. The website was compromised earlier on December 9, 2011.
“Hello everyone! We are back. The tweets in the morning lacked wit, evidently. Anyway, Mr Modi, back to people’s questions, care to answer?” read a Congress tweet after the account was restored. The reference was to the government’s demonetisation drive.
For his part, Gandhi posted from his @OfficeOfRG: “To everyone of you haters out there: I love all of you. You’re beautiful. Your hatred just doesn’t let you see it yet.”
The Congress urged the government to ensure better online security, which it said is pertinent as Prime Minister Narendra Modi is exhorting Indians to go cashless.
“Those forcing country to adopt online payment overnight, have they taken steps to ensure a/c of ordinary ppl will be immune from hacking?” tweeted Congress president Sonia Gandhi’s political secretary Ahmed Patel.
Party colleague Surjewala wondered if the digital payment network is safe if platforms such as Twitter can be hacked so unabashedly. “Does it not prove the inherent cyber security risks that exist for all electronic transactions and payment gateways?” he asked.
Also, be blamed “fascist” forces for the hacking, saying it reflects the extremities of an intolerant culture. “Remember, we are legion, do not (expletives) with us!” said one of tweets posted by hackers from Gandhi’s account.
According to Congress leader Mallikarjun Kharge, Gandhi dissuaded his party MPs from pitching in Parliament the hacking of his Twitter account. “We wanted to raise this issue. But he said we should not blow up such issues if any person commits such insensible act.”
The hacking exposes cyber vulnerabilities as parties push their social media outreach.
A Twitter account can be hacked in one or more ways. A hacker can either choose to download a tool from thousands of websites available online to hack a person’s profile or use the sheer brute force of programming to get a password, change it and hijack the account.
Hackers may have gained access to the Congress social media accounts through a targeted and persistent attack on the party server, which gave them access to all emails.
Experts suggested steps such as complicated passwords and encryption of files stored on the server to minimise hacking risks.
“Other steps include updating the security system with patches that are released from time to time,” an expert said. Patches are files or codes that a company releases after a loophole or a bug is identified in the first public release of software.