Yet another reminder of the importance of implementing robust website security, the flash news today alleged that “IRCTC website has been hacked, a major public website! And apparently, thousands of users’ data including PAN card details etc., could be in danger of being stolen.
Public websites that are used nation-wide and meant to store huge user data should ensure the highest levels of data security. It should be noted that since such publicly-available websites provide a treasure trove of data to hackers, they are high-value targets of compromise. They could also be a target for pranksters and hacktivists seeking publicity.
Hackers usually hack a website by exploiting one or more of the weak links in the website design. Real-time data stolen from these kinds of websites earn them a lot of monetary benefits, as the stolen data can be sold for huge amounts of money either to legitimate, typically marketing, companies or another hacker group.
Any down-time for such important public portals for even a short amount of time to fix the issue might entail a hefty economic hit, and inconvenience thousands of users. However, security of these public websites demands regular vulnerability assessments and penetration tests to identify weaknesses, and software updates for the hosting platform on which it runs and for third-party installed security software.
Prevention is better than Cure.
Senior Threat Researcher, K7TCL
If you wish to subscribe to our blog, please add the URL provided below to your blog reader: https://labs.k7computing.com/feed/