Cyber Incident Victim: The High Commission of Fiji

Date:

Nov 2016

Location:

India

Summary

A hacker associated with the Powerful Greek Army breached the High Commission of Fiji's website in India via SQL injection, compromising login credentials of nearly 200 accounts and leaking partial database contents to pressure administrators into patching vulnerabilities. The attacker, known as Kapustkiy, claimed the intrusion followed repeated unaddressed warnings about security flaws to the site administrator responsible for multiple diplomatic sites, despite prior acknowledgments from Indian authorities thanking him for identifying vulnerabilities. The incident exposed credential data and underscored persistent unmitigated risks; the High Commission of Fiji had not confirmed the breach, while the High Commission of Ghana, also affected, acknowledged the compromise.

Description

On November 26, 2016, a security researcher identifying as Kapustkiy, affiliated with the hacker group Powerful Greek Army, breached the websites of the High Commission of Ghana and the High Commission of Fiji in India. The attacker exploited SQL injection vulnerabilities to access databases containing login credentials for nearly 200 user accounts across both diplomatic missions. Kapustkiy publicly disclosed portions of the compromised data, asserting this partial leak was intended to pressure administrators to remediate security flaws while minimizing exposure. The breach followed repeated unsuccessful attempts by Kapustkiy to alert Indian authorities about vulnerabilities he had previously identified in government-affiliated websites. He specifically referenced contacting Yatin Patel, the administrator responsible for managing the affected high commission sites, who had allegedly promised but failed to implement security improvements. Kapustkiy claimed subsequent emails to Patel received no substantive response, with administrators falsely asserting all vulnerabilities had been patched.

The incident exposed authentication credentials of diplomatic service users, though the full scope of compromised data categories beyond login information was not detailed in public disclosures. Indian authorities had previously acknowledged Kapustkiy’s security research through Sanjay Kumar Verma, Joint Secretary for eGovernance and Information Technology, who thanked him for probing embassy websites and confirmed ongoing remediation efforts prior to this breach. By November 29, the High Commission of Ghana confirmed the security incident and committed to implementing fixes, while the High Commission of Fiji had not issued any public statement regarding the compromise of its systems. The breach highlighted persistent vulnerabilities in Indian diplomatic web infrastructure despite prior warnings, with the attacker leveraging unaddressed flaws to demonstrate security deficiencies through unauthorized database access and selective data disclosure.
