Govt websites on hackers’ radar

Pankaj Sharma/ Zee Research Group India is unable to secure its official websites raising a question mark over claims by the government that it had mounted efforts to tame the growing threat of violation of its digital persona. According to the latest data there has been an alarming increase in cyber violations of official websites of Central and state governments over the last three years. The digital appearance of Indian government has come under severe pressure after 65 government websites were reported defaced in the month of September. A Zee Research Group (ZRG) analysis of data maintained by the centralized Computer Emergency Response Team (CERT), Department of Information Technology, under the Communications and Information Technology Ministry, revealed that out of a total of 6844 cyber defacements during the year as many as 196 government (gov.in) websites were violated. A maximum of 4502 cases of violation belonged to the ‘.in’ domain. The CERT is the nodal agency for monitoring and prevention of cyber crime in the country. The government does not divulge details of websites violated. However, it is in public domain that many of government’s websites have come under the cyber hammer in the recent past. These include the widely reported website violation case of Central Bureau of Investigation (CBI) by ‘Pakistan Cyber Army’ in 2010. However, recently some pages of website of Bharat Sanchar Nigam Limited (BSNL) and a website of Indian metrological department in Kolkata also reported defacement. The data analysis showed that the defacement of government websites was continually on the rise as the number of such cases grew from 92 in 2009 to 117 in 2010 and now 196 in 2011. While officials at CERT refused to speak on the subject, experts blamed lack of knowledge base as a key reason for vulnerability of government websites. Cyber expert Anup Girdhar pointed to the lack of understanding of ethical hacking among government officials as the main reason for the growing menace. He said, “Officials working with National Informatics Centre (NIC) conduct an audit before putting any website on their server, but due to less knowledge of ethically hacking systems, they have not yet succeeded in stopping such viruses.” Ajay Goel, managing director, India and SAARC, antivirus company Symantec, considers defacement of large number of government website as a major issue. He said, “Growing Internet infrastructure, burgeoning broadband population and rampant piracy have made India a hub and a target for malicious activities.” Girdhar argued for innovative methods to tame hackers. He suggested government hire the expertise to help nab the hackers as also prevent defacement. Goel admitted that there was a need to move on with new technologies to curb defacers. “As the threat landscape is shifting to a wide distribution of high impact threats, traditional methods of detection aren’t good enough,” he added. Symantec endorsed the threat perception for government websites.