Hackgate ‘wakes up’ CICSE

Jun 07, 2013

Tags:

Chennai: Even as the Council for Indian Certificate of Secondary Education (CICSE) launched a detailed probe as to how their results were cracked by a student, parents are a worried lot.

Speaking to Deccan Chronicle over phone from Kerala, Fr. C.M. Jose Aikara, chairman of Council for Indian Certificate of Secondary Education (CICSE) said he was shocked when he read the news in newspapers."We, at CICSE, are shocked. How can a person intrude into our portal and take the data out? I have ordered a detailed internal probe and expect the report to be tabled on Monday", he said.

Asked about the allegations of marks tampering the student had raised in his blog, Fr. Aikara noted that the results were all evaluated with much care and he would not speculate until the internal probe gets over. However, parents are a worried lot, as they fear that marks of their children too could have been tampered.

“When a person is able to crack the code and view the results, why can’t we check that marks of children have been tampered or not. Somebody else could also have done it, as CICSE is not aware of the developments until the person comes out in open", S. Latha, a parent, said with much worry in her face.

V. Venkatachalam, dean, Vels Group of Institutions, which runs a school affiliated to CICSE, dismissed it as a “stray incident. I think we should not worry a lot as results are sent to the school individually and we check the veracity of marks with the tabulated mark sheets sent by the Board”, he said.

‘Cracking fete’ evokes mixed reactions on web

Manish Kumar | DC

Some cheered, many whined, most of them tweeted. Twitteratti on Thursday was abuzz with a buffet of views on Cornell graduate Debarghya Das’ seemingly unreal attempts to mine data from the ICSE website.

The initial reaction on the hackgate on the micro blogging site was one of disbelief.

“Is it just me or this makes you gasp as well?” quipped Ruchi Soni, while sharing the link of the controversial blogpost. She is a micro blogger currently working with the World Bank in its energy vertical

For engineer-cum-programmer Archit Sharma, Debarghya’s work is nothing short of an accomplishment, when he asks, “ICSE exposed, explored and exploited… when is 12th CBSE data coming up?”

Yin Li , a student from New Jersey, could not stop raving about Debarghya’s claim to fame. “This guy is super cool!,” she tweeted.

On the other side, the hackgate also threw up a bevy of confusing signals to many on Twitter. Anisha Sridhar, a technology student at New York University, expressed her concerns when she said, “surprising, sad, scary results.”

Bengaluru based Vishy Kuruganti described the revelations made by Debarghya as “fascinating insights”. Chennai based Vasanth Srinivasan, who describes himself as a former hacker and says he is currently doing time in a corporate technology firm, believes what Arghya did was only ‘ethical’ hacking. “The guy breaking into the ICSE database is only indulging in ethical hacking... not breaking the law,” he tweeted.

Ethical hacking, however, defines itself as a process where a person is employed by an organisation to penetrate networks or computer systems for the purpose of finding and fixing computer security vulnerabilities.

Five of 10 govt sites vulnerable

N. Arun Kumar |DC

With ICSE results cracked online by a Cornell University student creating a furore, J. Prasanna, founder, cyber society of India, says five of 10 government websites are vulnerable for cyber attacks.

In an informal chat with DC on Thursday, Prasanna said in the last few months, he had observed several hackers penetrate celebrity websites and use them to launch malware, bitcoin miners for making profits. “Celebrity websites get thousands of hits a day, thousands of people will get infected per day,” he said.

Elaborating on the vulnerability of government websites, the cyber society founder said that portals like those related to land records, income tax, top government organisations were targets of hackers and they need to be protected.

“More than government websites, those of celebrities need to be protected. Most often when we send emails to National Informatics Centre (NIC) and Computer Emergency Response Team-India (CERT-In) they take immediate action. Codes need to be checked for vulnerability, NIC can take initiative with CERT-In to do it. But if CERT receives reports they immediately take action,” Prasanna said.

Highly placed sources in the Union government pointed out that they receive several complaints of intrusion by unauthorised persons into websites and some hack the portal but a few place their signature in codes and vanish.

“For example when we had the Commonwealth Games in India everyday 200 odd persons tried to hack our Commonwealth Games website but with highly trained experts in the government in the IT department we were able to resist their attack”, the sources said.

Post new comment

<form action="/comment/reply/235439" accept-charset="UTF-8" method="post" id="comment-form"> <div><div class="form-item" id="edit-name-wrapper"> <label for="edit-name">Your name: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="60" name="name" id="edit-name" size="30" value="Reader" class="form-text required" /> </div> <div class="form-item" id="edit-mail-wrapper"> <label for="edit-mail">E-Mail Address: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="64" name="mail" id="edit-mail" size="30" value="" class="form-text required" /> <div class="description">The content of this field is kept private and will not be shown publicly.</div> </div> <div class="form-item" id="edit-comment-wrapper"> <label for="edit-comment">Comment: <span class="form-required" title="This field is required.">*</span></label> <textarea cols="60" rows="15" name="comment" id="edit-comment" class="form-textarea resizable required"></textarea> </div> <fieldset class=" collapsible collapsed"><legend>Input format</legend><div class="form-item" id="edit-format-1-wrapper"> <label class="option" for="edit-format-1"><input type="radio" id="edit-format-1" name="format" value="1" class="form-radio" /> Filtered HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd></li><li>Lines and paragraphs break automatically.</li></ul></div> </div> <div class="form-item" id="edit-format-2-wrapper"> <label class="option" for="edit-format-2"><input type="radio" id="edit-format-2" name="format" value="2" checked="checked" class="form-radio" /> Full HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> </fieldset> <input type="hidden" name="form_build_id" id="form-927313056a9deba5e58295933385e894" value="form-927313056a9deba5e58295933385e894" /> <input type="hidden" name="form_id" id="edit-comment-form" value="comment_form" /> <fieldset class="captcha"><legend>CAPTCHA</legend><div class="description">This question is for testing whether you are a human visitor and to prevent automated spam submissions.</div><input type="hidden" name="captcha_sid" id="edit-captcha-sid" value="80414087" /> <input type="hidden" name="captcha_response" id="edit-captcha-response" value="NLPCaptcha" /> <div class="form-item"> <div id="nlpcaptcha_ajax_api_container"><script type="text/javascript"> var NLPOptions = {key:'c4823cf77a2526b0fba265e2af75c1b5'};</script><script type="text/javascript" src="http://call.nlpcaptcha.in/js/captcha.js" ></script></div> </div> </fieldset> <span class="btn-left"><span class="btn-right"><input type="submit" name="op" id="edit-submit" value="Save" class="form-submit" /></span></span> </div></form>