Cyber Incident Victim: Bidhannagar City Police
Date: Jul 2023
Location: India
Summary
The official Facebook page of Bidhannagar City Police was compromised by hackers who gained access after an administrator with an Android device clicked a malicious link. The attackers altered the page's name and profile pictures before control was regained with assistance from Meta, preventing any obscene or illegal posts from being published.
Description
The Bidhannagar City Police's official and verified Facebook page, distinguished by a blue tick, was compromised by hackers for a period of several hours spanning from Saturday night into Sunday morning. The incident, which occurred on or around July 7th, 2023, was first detected by senior officers around midnight when they observed unauthorized alterations to the page's appearance. The cover photograph had been changed to a Doctor’s Day celebration post, which was a legitimate image previously used by the police department. Subsequently, the display picture, which normally featured the Bidhannagar Police logo, was replaced with an image of the Tricolour, the Indian national flag. This new display picture also carried the name of a specific Rajarhat Durga Puja pandal and included an Independence Day celebration message. Furthermore, the official name of the page was altered from "Bidhannagar City Police" to the more generic "Bidhannagar City." Upon realizing these changes were not made by authorized personnel, the police attempted to rectify the situation but discovered they had lost administrative control of the page entirely, prompting immediate action.

The police department quickly initiated contact with Meta, the parent company of Facebook, to regain control of their official page. This involved sending official emails and reaching out to nodal officers located in Delhi to escalate the matter. According to a senior police officer, the incident was described as the page being "temporarily compromised due to a random virus attack." The efforts to resolve the breach were successful, and the page was reportedly fixed quickly with the assistance of Facebook authorities. Law enforcement officials expressed relief that access to the page was regained before the hackers could post any obscene or illegal content, which could have had more severe repercussions for the department's public image and the dissemination of misinformation. Following the restoration of control, a formal complaint was lodged with the Cyber Crime Police Station, and an investigation was initiated to trace the identities and origins of the hackers responsible for the breach.

An internal explanation provided by a senior officer detailed the likely attack vector that led to the compromise. The incident was attributed to a member of the cyber cell who possessed administrative access to the Facebook page. This individual had logged into the page from an Android device, which was characterized as a platform not secure or robust enough against malware attacks. While logged in, the officer reportedly clicked on a link that contained a virus, which had been sent by the hackers. This action allowed the virus to execute, and the hackers gained control of the page almost instantly. The officer emphasized that established protocol mandates everyone in the cyber cell to use secure platforms such as iOS or Microsoft operating systems when logging into official pages or websites in an administrative capacity. These platforms are noted for having stronger firewalls and providing better protection against various forms of virus attacks. The incident was therefore framed as a direct result of this security protocol not being followed by the individual with admin access.

The nature of the threat was further clarified within the article, which described viruses as programs able to replicate themselves within computer and phone systems, enabling them to spread rapidly. The method of infection typically involves a user action, such as opening an email, a WhatsApp message, or a text message containing malicious links, or downloading infected file attachments. Once such an action is taken, a hacker can illegally gain control of the user's device. In this specific case, the simple act of clicking a link on a less secure Android device was sufficient to grant the attackers administrative control over a high-profile social media asset. The incident underscores the persistent threats faced by organizations, including law enforcement agencies, from socially engineered attacks that exploit human error. The response from the Bidhannagar City Police involved both technical recovery, through collaboration with the social media platform, and a legal response, with the initiation of a formal cyber crime investigation to apprehend those responsible.
