Experts Analyze the Difficulties in Investigating Social Media Hack Cases
The Twitter accounts of several celebrities and politicians in India were recently hacked, prompting the social media company on Tuesday to temporarily suspend the affected accounts, according to news reports.
See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach
One of the messages posted on an affected account read, “Your account has been hacked by Turkish cyber army ‘Ayyildiz Tim’. Your DM correspondence and important data have been captured. I Love Pakistan.”
Twitter said in a post: “Our teams are working to resolve an issue affecting a small number of Indian users. We will notify affected account holders directly. Reminder: do not click on links in DMs coming from unknown accounts.”
Last month, the Twitter account of Rahul Gandhi who is the leader of Congress Party in India was hacked.
Fingers were pointed at the ruling government. Delhi Police’s cyber cell filed first information report, or FIR, after a complaint was lodged. But so far, the culprit hasn’t been nabbed.
Cyber police tells Information Security Media Group that it has been a challenge to resolve Twitter hacking cases. “It’s a huge task to track cyberattacks by foreign criminals. There are multiple procedures involved, which take time,” says Muktesh Chander, Directorate General, Goa Police.
The attacks on Twitter accounts seem similar to the attacks on government websites last year.
At that time, hackers gained unauthorized access to information on the website of the Ministry of Home Affairs, prompting authorities to temporarily block it. Authorities suspected that the hackers were associated with Inter-Services Intelligence of Pakistan. And law enforcement agencies suspect a Pakistan connection to the latest Twitter account attacks.
One of the challenges involved in cracking down on hacking cases involving social media accounts is that the servers are usually located outside of India, making it more difficult for local law enforcement agencies to track the IP addresses.
“It’s a challenge to track down the right IP address as criminals use a virtual private network,” says Balsing Rajput, superintendent of police, cyber division, Maharashtra State Police. “Moreover, if the address is located outside of India the procedure involved is lengthy. In such cases we have to take the help of CBI which itself taken three months or so.”
Another challenge with nabbing foreign hackers is the uncertainty over which Indian laws apply.
“There is no unified law globally to tackle cyber crime. The law which is applicable in India is often not applicable on a foreign land,” says Na. Vijayashankar, a cyber law expert. And gathering of evidence from other countries is difficult in the absence of a bilateral agreement.
Moreover, by the time police investigate the case and get the required approvals from the government to nab criminals from a foreign land, it may be too late to take action. “It usually takes a long time to get approvals. Usually by then the records gets tampered or removed,” says Triveni Singh, additional superintendent of police cybercrime, Uttar Pradesh Police. “People tend to forget and we also get involved in more important cases. Rarely do these cases see a full closure.”
Grievance Handling Mechanism
Security practitioners and investigative agencies see the need to improve incident investigation and grievance handling mechanisms.
“The Ministry of Home Affairs is aware that we need to step up in our effort to counter and block hackers. It is conducting various workshops to improve and train police personnel,” Singh says, adding that it will take time for things to change.
The ministry recently created two new divisions – Counter Terrorism and Counter Radicalization Division and the Cyber and Information Security Division – to give focused attention to issues relating to terrorism, counter radicalization, cybersecurity, cybercrime and information security. The Cyber and Information Security division monitors online crimes and threats, including cyber fraud and hacking, and suggests ways to minimize and fight them. That unit is developing a curriculum for law enforcement to help them tackle situations like hacking and online fraud more efficiently, Singh says.
Some security experts argue that India needs a national cybersecurity operations center to monitor cyber threats.
“The data protection and privacy law in India will soon come up with a data localization policy,” Rajput says. “This will force companies like Twitter, Facebook and others to store local data in India. However, the problem of nabbing foreign hackers will remain unless internationally we don’t come up with a data sharing mechanism.”