Hackers deface Eastern Rail website

On clicking the messages in the scroll, it opened into a new window which claimed that 8220;Mianwalian of Whackerz8221; have hacked the site in response to the Pakistan air space violation .

When contacted, ER officials seemed to be unaware of the entire incident and the site was not blocked till 11.40 am.

The website, however, started to function normally after 12 noon. 8220;This is a case of SQL injection. An investigation has been ordered and a report will be submitted within 24 hours. Technically, this cannot be called hacking as our database or confidential information could not accessed. We have, however, taken all necessary precautions,8221; said Samir Goswami, CPRO, ER.

The Railway officials primarily traced the root of injections to Toronto. One official of the ER said that the websites have cyber security certificate from US-based Thawte.

8220;We have informed the service provider and will likely get responses from them after 24 hours,8221; said the spokesperson of ER.

Explaining the SQL injection, Prateek Agarwal, an expert of cyber security said: 8220;When we feed data into any website like name or age it gets converted to specific SQL commands and reaches the database.8221;

8220;The database can then retrieve the data and reply to the query. An advanced user can directly send a specific set of commands in the SQL and play havoc with any website where the database is not secure,8221; Agarwal added.