Saturday, May 2, 2009

Of Booby Traps and Honey Pots


VISIT TNHEALTH.ORG, GET VIRUS FREE!
First the country was invaded by the sea route, leaving testosterone-pumped citizens pawing at the ground and ready to charge.
Terror attacks have the advantage of surprise, some others have the advantage of an insidious subtlety. One in the virtual world has penetrated a government website — not quite a hijack, but a hack. To add to the growing list of “wares”, be it adware, spyware or malware, is a term called badware — and some unsuspecting legitimate-but-compromised websites play host to malicious software to breach your computer’s defences. Insinuating itself into a website’s code, the virus lays out the welcome mat and waits, like a typhoid-Mary sleeper mole, for gullible visitors.


Google tnhealth.org and you're informed that “this site may harm your computer”. Brushing the warning off as overly cautious, you forge ahead with your trusty sidekicks AVG Antivirus and Windows Defender, only to discover another Google page informing you helpfully: “this site is badware”.

A little peeved at Google playing parental control-freak, you click compulsively at the next tantalising link — and then voila, Google and Stopbadware.org finally spit out the bad news: 15 pages of tnhealth.org resulted in malicious software being downloaded and installed without user consent — a total of 17 scripting exploits, 16 exploits and 2 trojans! The malicious software is hosted on 4 domains including loskut.cn, whitebiz.cn, and 79.135.187.0 with loskut.cn functioning as intermediary for distributing malware to visitors of this site.

For those who experienced Google’s glitch a couple of days back, this is no human error, it’s more like human terror — because your friendly browser delivers the final salvo — successful infection resulted in an average of six new processes on the target machine.

Translation from hackerspeak: the gobbledygook above means that in a virtual world security breach, access to the Tamil Nadu health portal has been denied as it has been flagged by StopBadware.org — the consumer-oriented global powerhouse run by the Berkman Center for Internet and Society at Harvard Law School, and Oxford University’s Oxford Internet Institute.

Worse still, to carry on in the spybioterror vein — a Chinese website is acting as an intermediary double agent.

While China is notorious for cyber-censorship, the paradox is that it hosts over 50 per cent of malicious software spreading sites globally — numbering a whopping 2,00,000 in mid-2008.



On one side we have a country that created the world’s first PC virus (Brain, created in 1986 by the Farooq Alvi Brothers, operating out of Lahore) and on the other side a neighbour equivalent of a land shark with virus goondas running amok. While this is normally no more than the nerd equivalent of muscle flexing, resulting in cyber-graffiti website defacements, the implications of information theft loom in a decade of website hacks as diverse as Indian Army, BARC, Indian embassy (Spain), SBI, IIT Kanpur, Airtel and AvSoft — a company peddling the anti-virus software SmartCop.

While some hacks can be explained as ‘Mafiaboy’ wannabes pushing boundaries, others have more disturbing implications of data theft or access to manipulation of sensitive information (as in the MEA hack hop-trail which led to China.) Cyber-and-otherwise citizens of India — be prepared. When it comes to safety and privacy, buying peace of mind is a better investment. Now, if you’ll excuse me, I need to disinfect my computer!
