Generally, in Pakistan we don’t care much about security, and this is truly due to lack of education for Information security in the country. Though there are few people who work really hard and put their best efforts to protect their data/computers/web servers from hacking attempts.
I have raised the issue several times about hacking, I mentioned the reasons about why they hack websites, how do they think and so on…! But unfortunately, I see very little change in peoples’ mind and how they treat security concerns.
It’s not about personal websites, but we have seen plenty of corporate websites (including banks/Government
websites) getting compromised. By the way, three banks got compromised in Pakistan since November 2008. We covered one of them in detail, while other hacks were of minor size.
Similarly, today Press Information Department (PID) got hacked – accompanied by some other websites too, which include
http://www.pid.gov.pk/
http://www.pwdajk.gov.pk/
Again, my request to corporations, government institutes and other web server owners is to get their security audit done. Getting security done of a web server is equally important when compared to safeguarding your physical business.
It’s a matter of fact that all these websites, which are being hacked, had low security, and a kid can deface them. So at-least do some basic security, hire some-one and get on the safer end.
You must be wondering, why I am not telling you the steps to secure your web servers; my answer to this question is that I can’t public this information – for a reason that doing a security audit is somewhat similar to hacking, and I don’t want to get punished for giving hack lessons to all of you.
So the idea is to go ahead and hire a company… I hope people will understand and take necessary steps as well.
do you know any company or person who does such audit in Pakistan do let me know
yea i saw its hacked by pakistani hackerz Pakbugs-Crew u can check on their website pakbugs.org
There are too many companies who do security audit they are doing there work from long time but there are some new people also in market who really do the best to do secure the assets getting security audit from some company or some free lance you should first now what type of security audit you need i have mentioned the types of audit already if you didn’t manage to find the link here it is http://www.propakistani.com/2008/12/05/what-why-secure-web-server/ + there are more information also regrading this if you are interested i can explain more about this