India shutters sites and social media accounts

Pakistan suspected of spreading rumours inciting sectarian violence


India's government is blocking up to 250 web sites and social media accounts as part of on-going efforts to arrest the spread of damaging rumours which it believes are designed to incite sectarian violence.

Following violent clashes in Assam over the past month between ethnic Bodos and immigrant Muslims, rumours began to spread via bulk SMS messages last week of reprisals against north-east Indians migrants living in cities such as Bangalore, Mumbai and Pune.

This sparked a mass exodus of these communities and a blanket ban on bulk SMS messages by the government.

It has now emerged that similar rumour-mongering has been taking place on the web, with doctored videos and images being spread, designed to spark violent Muslim reprisals and fear among north-easterners.

The government has responded swiftly by blocking 130 of the offending sites and planning to do the same to over 100 more, although it is having more difficulty in taking action against individual social media accounts registered outside the country, according to the local Tamil News Network (TNN).

The Indian authorities are now seeking intervention from the US Department of Homeland Security and other agencies after social networking sites such as Facebook apparently said they were reluctant to take action on content uploaded by users outside of India.

Reports from India suggest the campaign of fear is being spread by Pakistani hard-liners, although this has yet to be substantiated.

“I was told by India’s home minister that they have information about the situation in Assam that the SMS creating panic were sent from Pakistan,” Pakistan home minister Rehman Malik told reporters.

“I told him that at the official level we have no such information and that if India has any such information stating that these messages creating panic and migration to Assam were sent from Pakistan then we will definitely investigate the matter.”

If true, this is by no means the first time the rival nations have clashed in cyber space - hacktivists from both sides are periodically responsible for web site defacement and DDoS campaigns.

According to the local CERT, there have been over 7,000 instances of web defacements for .in domains so far this year and almost the same number for .com domains in the region. ®

Similar topics

Broader topics


Other stories you might like

  • Another VPN quits India, as government proposes social media censorship powers
    New Delhi now fighting criticism of eroding free speech and privacy with two proposed regulations

    India's tech-related policies continue to create controversy, with fresh objections raised to a pair of proposed regulation packages.

    One of those regulations is the infosec reporting and logging requirements introduced by India's Computer Emergency Response Team (CERT-In) in late April. That package requires VPN, cloud, and numerous other IT services providers to collect customers' personal information and log their activity, then surrender that info to Indian authorities on demand. One VPN provider, ExpressVPN, last week quit India on grounds that its local servers are designed not to record any logs so compliance would be impossible. ExpressVPN will soon route customers' traffic outside India.

    On Tuesday, another VPN – Surfshark – announced it would do likewise.

    Continue reading
  • Indian government signals changes to infosec rules after industry consultation
    Reports suggest SMBs will get more time, but core elements including six-hour reporting requirement remain

    Indian media is reporting that the government has consulted with industry about its controversial infosec reporting rules, possibly resulting in concessions that slightly ease requirements for some businesses.

    The rules, introduced on April 29 with no warning and a sixty-day compliance deadline, require organizations operating in India to report 22 different types of information security incidents within six hours of detection, maintain extensive logs of their own and customers' activities and provide that info to authorities as required, and use only network time protocol (NTP) servers provided by Indian authorities or synced to those servers.

    The rules generated swift and widespread opposition on grounds that they were loosely worded, imposed enormous compliance burdens, made India less attractive to foreign tech companies, and would harm privacy. The requirement to report even trivial incidents within six hours was criticized as likely delivering a deluge of reports that would contribute little to the stated goal of securing intelligence with which to defend the nation. The Internet Society warned that insistence on using Indian NTP servers would create an unhelpful reliance on that infrastructure.

    Continue reading
  • BSA kicks multiple holes in India's infosec reporting rules
    Strongly suggests extensive re-writes and consultation - backed up by Microsoft, Intel, AWS, and friends

    Lobby group The Software Alliance (BSA)* has written to India's government, pointing out impractical requirements, inconsistencies, and flaws in the nation's recently announced infosec reporting rules. The organization says the problems can only be addressed with extensive consultations and a delay to implementation.

    The BSA has already co-signed another letter that eleven tech and finance lobby groups sent to India's government, which requests changes to requirements such as extensive logging of user activities and reporting of even trivial infosec incidents within six hours of detection. That multi-party letter states that these rules will harm the nation's economy by discouraging foreign investment.

    The Alliance's own document [PDF] raises issues not addressed in the multi-party letter – such as an argument that requiring cloud providers to supply logs of customers' activities is futile as clouds don't log what goes on inside resources rented by their customers.

    Continue reading

Biting the hand that feeds IT © 1998–2022