This article was published on February 19, 2020

Indian income tax agency patched a security flaw that would’ve allowed hackers to take over its site

Story by Ivan Mehta

Ivan covers Big Tech, India, policy, AI, security, platforms, and apps for TNW. That's one heck of a mixed bag. He likes to say "Bleh."

India’s income tax department patched a bug on its website last week that allowed attackers to gain control of the site. Thankfully, there was no loss of data.

Security researcher Dhiraj Mishra discovered the vulnerability, and informed CERT-In, the country’s nodal agency to deal with cybersecurity threats. The agency acknowledged the bug and it was patched silently.

The website was vulnerable to a SharePoint remote code execution (RCE) flaw, tracked as CVE-2019-0604, which was discovered last year. The exploit allows attackers to run arbitrary code on the server to affect operations of the site.

Mishra said attackers can gain access to data such as employee logins:

“Once exploited, the vulnerability can give full access of the remote system to the attacker. In my case, it was the Income tax website. So you can deface the entire website of Income tax India because they use Microsoft SharePoint to host the website. You can even possibly view data such as employee logins and official email system.”

Last year, a group called Emissary Panda targeted several Middle Eastern government websites using the SharePoint RCE bug.

According to India’s IT minister, RS Prasad, a total of 48 government websites were hacked in 2019. However, security researchers believe the number was much higher than that.
