kinda ol news though....
source : http://cities.expressindia.com/fullstory.php?newsid=142476
Chandigarh, August 4: WHEN the entire client database, payment details and future projects of a city-based advertising agency Pushpak Advertising was available for free viewing and tampering on the computer screens of several users of Sify’s broadband recently, the ad agency, which also used Sify’s broadband, was aghast.
As parts of its hard disk got ‘‘automatically formatted’’ days later by some user of the network, the ad agency thought it could be the handiwork of some virus.
Advertisement
But the agency managers say that the damage was due to data insecurity on Sify’s network in Chandigarh.
‘‘We were shocked how our data was freely available to everyone on the Sify network,’’ said Rakesh Thakur of Pushpak Advertising.
In another shocking incident, a newly-married Sector-15 couple’s private and intimate honeymoon photographs, which these Sify users had saved in their computer’s hard disk, were reportedly available on the Sify network and were being circulated among several other Sify users for about the last six months.
‘‘This was very shocking. The couple faced a lot of embarrassment,’’ said a source familiar to the incident. Similarly, a city-based chartered accountant’s balance sheet was also reportedly accessed by several Sify users recently.
Many of the Sify broadband users with ordinary computing skills have been found using a commonly and freely available software for survelliance and mischief. ‘‘Sify users wishing to intercept all Internet traffic on the ISP’s network have been downloading a small software utility called ‘Sniffer’ and then turning their computers into the promiscuous mode. This enables them to monitor and copy all Internet traffic on the network,’’ said a source.
Normally computers won’t accept data packets not meant for them though all data packets go to all computers on a Local Area Network (LAN), on which Sify works in Chandigarh.
But using this common, freely available software, unscrupulous users are found to be turning their computers into a promiscuous mode and then eavesdropping all data. Such users often get the software to copy and store others’ data in their hard disks.
‘‘Installing the Sniffer software is as easy as double-clicking. A firewall protects computers and all information in it, but the moment the information and data go beyond the computer to the Sify network, it becomes vulnerable to exposure,’’ said Harpreet Singh Giani, a data security expert and IT lawyer.
Under the cyber laws, ISPs are required to maintain logs, to record all Internet activity and trace hacking attempts but Sify’s franchises are apparently not using this technology.
‘‘Anti-viral software cannot possibly curb hacking attempts. The Intrusion Detection System would need to be installed at the franchisee level in order to be effective,’’ said Giani.
‘‘No firewall or similar system installed by Sify at present is a credible deterrent to even a casual script-kiddie, let alone a determined malicious hacker,’’ he added.
We have taken measures: Sify
When contacted, Sify’s Regional Manager (North) Punit Sharma claimed Sify has an ‘‘online monitoring system’’. The ISP’s Delhi-based Chief Communications Officer David Appasamy said in an e-mail interview: ‘‘Sify has implemented Intrusion Detection Systems, Firewalls and other mechanisms in the network and has a Security Task force which constantly monitors unnecessary activity on the network and takes appropriate action’’.
When asked about the specific hacking attempts on Sify’s network in Chandigarh, Appasamy said: ‘‘To ensure there is no file sharing, the customer simply has to disable sharing on his computer settings. In order to protect the consumer’s PC, Sify provides users various features like anti-virus packages free of charge. Sify is also launching personal port blocker options.’’
He, however, did not respond to the queries on whether specific complaints were made to them and what action they proposed to take.[/b]
source : http://cities.expressindia.com/fullstory.php?newsid=142476
Chandigarh, August 4: WHEN the entire client database, payment details and future projects of a city-based advertising agency Pushpak Advertising was available for free viewing and tampering on the computer screens of several users of Sify’s broadband recently, the ad agency, which also used Sify’s broadband, was aghast.
As parts of its hard disk got ‘‘automatically formatted’’ days later by some user of the network, the ad agency thought it could be the handiwork of some virus.
Advertisement
But the agency managers say that the damage was due to data insecurity on Sify’s network in Chandigarh.
‘‘We were shocked how our data was freely available to everyone on the Sify network,’’ said Rakesh Thakur of Pushpak Advertising.
In another shocking incident, a newly-married Sector-15 couple’s private and intimate honeymoon photographs, which these Sify users had saved in their computer’s hard disk, were reportedly available on the Sify network and were being circulated among several other Sify users for about the last six months.
‘‘This was very shocking. The couple faced a lot of embarrassment,’’ said a source familiar to the incident. Similarly, a city-based chartered accountant’s balance sheet was also reportedly accessed by several Sify users recently.
Many of the Sify broadband users with ordinary computing skills have been found using a commonly and freely available software for survelliance and mischief. ‘‘Sify users wishing to intercept all Internet traffic on the ISP’s network have been downloading a small software utility called ‘Sniffer’ and then turning their computers into the promiscuous mode. This enables them to monitor and copy all Internet traffic on the network,’’ said a source.
Normally computers won’t accept data packets not meant for them though all data packets go to all computers on a Local Area Network (LAN), on which Sify works in Chandigarh.
But using this common, freely available software, unscrupulous users are found to be turning their computers into a promiscuous mode and then eavesdropping all data. Such users often get the software to copy and store others’ data in their hard disks.
‘‘Installing the Sniffer software is as easy as double-clicking. A firewall protects computers and all information in it, but the moment the information and data go beyond the computer to the Sify network, it becomes vulnerable to exposure,’’ said Harpreet Singh Giani, a data security expert and IT lawyer.
Under the cyber laws, ISPs are required to maintain logs, to record all Internet activity and trace hacking attempts but Sify’s franchises are apparently not using this technology.
‘‘Anti-viral software cannot possibly curb hacking attempts. The Intrusion Detection System would need to be installed at the franchisee level in order to be effective,’’ said Giani.
‘‘No firewall or similar system installed by Sify at present is a credible deterrent to even a casual script-kiddie, let alone a determined malicious hacker,’’ he added.
We have taken measures: Sify
When contacted, Sify’s Regional Manager (North) Punit Sharma claimed Sify has an ‘‘online monitoring system’’. The ISP’s Delhi-based Chief Communications Officer David Appasamy said in an e-mail interview: ‘‘Sify has implemented Intrusion Detection Systems, Firewalls and other mechanisms in the network and has a Security Task force which constantly monitors unnecessary activity on the network and takes appropriate action’’.
When asked about the specific hacking attempts on Sify’s network in Chandigarh, Appasamy said: ‘‘To ensure there is no file sharing, the customer simply has to disable sharing on his computer settings. In order to protect the consumer’s PC, Sify provides users various features like anti-virus packages free of charge. Sify is also launching personal port blocker options.’’
He, however, did not respond to the queries on whether specific complaints were made to them and what action they proposed to take.[/b]