Hacktivist team Ghost Squad Hackers recently hijacked the Telangana government’s Rural Development Human Resource Management (RDHRMS) website, leaving a message which read, “Hacked by S1ege. Greetz (sic) to all #GSHmembers.”
–https://t.co/N12Zjnp6uJ#GSH / #GhostSquadHackers pic.twitter.com/EX23q5qIhQ
— s1ege (@__s1ege) March 19, 2020
The group has also claimed responsibility for the hacking of other Indian government websites like cleanmoney.gov.in, defencewelfare.punjab.gov.in, agri.punjab.gov.in, haryanatransport.gov.in and several other government websites – as a mark of protest against the internet ban in Jammu and Kashmir.
Previously, the hacker group leaked sensitive data pertaining to the US and Israeli governments and had targeted terror group ISIS. The group first gained notoriety in 2016 when it defaced Ethiopian government websites following a protest in which government security forces killed nearly 500 students and activists. During the 2016 US presidential election, it launched distributed denial-of-service (DOS) attacks on then-candidate Donald Trump’s website and shut down his hotel collection websites.
In April 2016, the group participated in #OpIsrael along with Anonymous, and leaked the database of the Israel Defense Force, posting information about thousands of IDF soldiers, border patrol and Israeli Air Force personnel online.
S1ege is the self-described “administrator” of Ghost Squad Hackers, and is the group’s de facto leader. Like most hackers, he’s constantly on the move.
Last week, this writer managed to contact Ghost Squad Hackers over email. In the interview that followed, S1ege explained the group’s tactics of targeting government websites in India and their plans for the future.
“In early 2014, we formed various different teams to create an effective and powerful squad to help propagate vigilante orientated operations,” S1ege said. “Then, we started in 2016 with a series of targeted attacks against ISIS, Fox News, CNN, political parties and the US military.”
The group’s focus in 2017 shifted slightly towards targeting ISIS in an effort to clean the internet and social media of the terror group. A multitude of accounts on Facebook, Twitter and Telegram were hacked and added to an extensive list of removed accounts. Efforts by Ghost Squad Hackers later also revealed bomb instructions and other such plans ISIS meant to carry out.
S1ege explained how Ghost Squad Hackers “operate on an ethic”.
“We don’t want to harm anyone, our prime intent and focus is on anti-governmental and organisation cyber protests within current involvements of media speculation and real life happenings,” he said.
The mission, he explained, was to support people “to deny, degrade and disrupt governments” in cyberspace. “We have a team of specialists to do something that had never been done before – hacking into a government organisation’s website is to give them a reminder,” he said.
Excerpts from the interview:
Is what you do legal?
No, not at all. We are even misunderstood by both the public and by the media. We operate on an ethic. We have done so much good for people across the world, we are the front of the weak, the face of the faceless, and the voice for the voiceless. We are not evil, we love the people, that is it.
What motivates you?
The entirety of our work differs from each operation individually, a majority of our work involves protesting corruption at the governmental level. The thing that motivates our team a lot is that people appreciate that we try to protest injustice. We receive the ‘appreciation’ of the people across the globe and our team is proud of themselves that they are going in a good direction.
Hacking Indian government sites as a protest against the internet ban in Jammu and Kashmir was similar to what we did in the past… we saw people in Kashmir taking to social networking sites to hail our move.
Can you tell us more about your hacking history?
Yes, so far, we have conducted targeted attacks against ISIS, Fox News, Afghanistan government, CNN and the US military. The reason that we broke into their websites was to let them understand the injustice they are doing. We have also helped administrators fix vulnerabilities and those kinds of things are our goals. To let them feel a bit of pain.
Kashmir has been cut-off from the world since August last year. What drew your attention to the region?
One of our teammates saw somewhere on the internet about the daily happenings of Jammu and Kashmir. As people know, we believe in free speech – but the Indian government’s form of beliefs is monolithic and evil.
We hacked their servers because of internet censorship in Jammu and Kashmir, and to help spread awareness and protest their fascist agenda. We stand for constitutional rights, they (Indian government) cannot suppress the free speech in Jammu and Kashmir, so we targeted their websites to show our support for Kashmir and to send a clear message that all forms of fascist agenda will be fought.
Is there any party who backs or funds you?
We are not financially motivated or backed by any government or party, we are completely independent.
Is there a message you wish to convey to the Indian government?
The message is clear: If the Indian government continues to implement fascist policies/actions, we will respond with a mass defacing of their servers. The next time, we may even leak data.
People in Kashmir are dependent on 2G because of the government’s policies in the region.
Yes, inadequate internet access has compounded the challenges for healthcare workers as well as the local population in the isolated region, who face the looming pandemic with a severely deficient health infrastructure. In depriving Kashmir of the internet now, the Indian government is ‘being inhuman’.
The message we want to transmit is that if the Indian government continues to restrict internet access in the region, we will continue to censor their websites with our messages in the future.
Any message to the people of Kashmir?
To the people of Jammu and Kashmir, we will support your efforts and continue to back you through this pandemic and tyrannical government’s grip. If India’s government is persistent, we will be more persistent and consistent. No region/state/ethnic group should not have access to the internet, not even limited access. These are basic civil rights and liberties.
Lastly, what are some steps that users can take to protect themselves online beyond the usual precautions?
Enable two-factor authentication, keep your systems updated and do not open links from unknown sources. If you are new to technology, use services like the Microsoft Store to download software and always check for valid certificates for software you download. If you are suspicious and can’t afford good antivirus, upload the downloaded software to antiscan.me or virustotal.com. You can never truly be secure, but you can make things more difficult for attackers.
Mir Suhail is a journalist based in Srinagar.