Take over: Karachi’s Atrium Cinemas’ website defaced by ‘All Indian Hackers’

Vande mataram blares as soon as you open the page and visitors are greeted by an Indian flag. PHOTO: COURTESY ATRIUM CINEMAS

‘Vande mataram’ blares as soon as you open the page and visitors are greeted by an Indian flag that obscures the main webpage. “Jai Hind (Hail India),” screams the message left by the hacker, code-named ‘Ashell’.

The hacker even left a poetic verse ostensibly to infuriate his Pakistani counterparts. At the bottom of the page he says, “Admin Hope You Enjoyed The Music Now Close It”.

Nadeem Mandviwala, owner of Atrium Cinemas, told The Express Tribune that the website was an obvious choice because of the gradual increase in traffic to it as Karachi’s first three-dimensional cinema gained popularity. The website receives 50,000 hits a day and is updated meticulously with staff changing the timings almost every day.

This is by no means an isolated event, however, as hackers from across the border appear to attack popular websites all the time. This case appears to be a reaction to Pakistanis hacking Indian websites, said Mandviwala. The owner hoped that the website would be up and running by Thursday night. “We have diverted people to our facebook page,” he said. “The schedule of daily shows can be seen there.”

No Pakistan Telecommunication Authority (PTA) official was immediately available for comment. Internet experts, however, say that the PTA cannot do much to stop such attacks on Pakistani websites that are hosted by international servers. “In most cases, this happens when a website has loopholes that allow hackers to mess up the page,” said an IT expert with the Express group.

The Atrium suffered from an attack called defacement. According to Aleem Bawany, who is the head of Online Strategy & Development at the Express Media Group, most website defacements happen at the hand of so called “script-kiddies” thus labelled because the attack doesn’t require intricate knowledge of systems security and is conducted by teenagers.

“The method for exploitation can vary and the most common remedy is to keep the web server hosting the website up-to-date,” he explained. For example, if it’s a Microsoft Windows machine, the administrator will need to ensure all Microsoft updates have been installed. Most script-kiddies will run a security scan using off the shelf tools.

He added, however, that on the face of it, this case is a harmless attack since websites like those for the Atrium Cinemas don’t hold any business critical data but mostly design templates, show timings etc. “If the vulnerability is not fixed,” Bawany warned, however, “hackers may go silent for a while leading the owners to believe all is resolved, only to exploit the vulnerability months later.”

Pakistan and India have been embroiled in a cyber war since 1998 when the two countries tested their nuclear weapons in a tit-for-tat response. In December last year, a group of Pakistani hackers blocked New Delhi’s Central Bureau of Investigation (CBI) website.

A day later, the Pakistan Oil and Gas Regulatory Authority (Ogra) webpage was blocked. However, hackers have not been able to steal sensitive information from the servers hosting the websites in either of these cases.

Published in The Express Tribune, November 18^th,  2011.