Modi government has so far updated a large number of official websites after 700-plus instances of hacking between 2013 and 2016.
New Delhi: The Modi government has launched a massive overhaul of official computer systems and websites to fight cybercrime and prevent hacking, particularly of portals linked to its welfare schemes.
Over the past couple of months, the central government has been revamping its websites to try and thwart cyber-attacks and hackers, while also cracking down on fraudulent apps and websites that masquerade as government-owned ones.
The National Informatics Centre, which is responsible for the upkeep of all government portals, has so far updated the websites of the Election Commission of India, the finance ministry, the women and child development ministry, the Indian Railways website (IRCTC.co.in), the information and broadcasting ministry, University Grants Commission (UGC), All India Council of Technical Education (AICTE) and websites of universities such as Jawaharlal Nehru University and Delhi University, among others.
“Websites that have a lot of data are more vulnerable to attacks because once the website is hacked, the hacker can get access to crucial data and mess with the system,” a senior government official told ThePrint.
“Technical experts are trying to make these portals safer and a number of government websites have recently been revamped.”
The Centre has also begun targeting fake websites and mobile apps.
For instance, the National Health Agency (NHA), an autonomous entity tasked with ensuring effective implementation of Ayushman Bharat, the government’s flagship healthcare scheme, has approached Google to clamp down on fake mobile apps on its Play Store passing off as those of the scheme.
The cyber-attacks
A number of government websites including those of institutions and establishments have been vulnerable to cyber threats. Between April 2017 and January 2018, 114 government websites were hacked, according to official data with the Ministry of Electronics and Information and Technology (MeitY).
The ministry had earlier told Parliament that in the three years between 2013 and 2016, 707 government website including those of central government departments and state government departments were hacked.
Besides, incidents of website hacking have been reported on and off from several government departments, including in some high-profile ones.
In April 2018, the ministry of defence website was reportedly hacked but a ministry spokesperson later denied any such incident.
In 2017, even the National Security Guard (NSG) website was compromised.
The government had then said that the NSG website “was partially defaced with an abusive message” and the NIC server it was hosted on was blocked immediately.
In early 2018, instances of possible hacking of the Railways’ website by touts to book tickets were also highlighted but the government officially denied this in Parliament.
Also read: Pakistan’s ISI is using pics of pretty women & social media to get India’s defence secrets
The fake websites, portals of Ayushman Bharat
The NHA, implementing Ayushman Bharat, has not only approached Google to clamp down on fake mobile apps but has also approached the IT ministry to crack the whip on fake websites that have been claiming to represent the scheme.
In the last month alone, the NHA has found 65 fake mobile applications, 50 websites, and eight videos across social media platforms which have either been fraudulently offering enrolment under the scheme or government jobs in hospitals.
The NHA has requested MeitY to block the URLs of the fake websites and Google to take down the apps from its Android-based Play Store.
“In the last 30 days, Google has taken down 59 fake apps from its Play Store and the ministry has blocked 12 fraudulent websites that imitated the logo and look of Ayushman Bharat,” Malti Jaswal, executive director at National Health Agency told ThePrint.
“We are working with the Computer Emergency Response Team (CERT) under MeitY, which is the national nodal agency for responding to computer security incidents, to tackle the problem of fake websites and apps.”
But even as the government claims to be taking a number of steps to ensure safety, cyber-security experts are pointing to a lack of awareness on these issues.
“The government systems are vulnerable because we do not realise the potential threat that hackers can cause to our systems. We have no cyber laws, the National Cyber Security Policy, 2013, is only on paper,” said Pavan Duggal, a lawyer and cyber expert.
“Our government systems are sitting ducks for an attack. If we do not do something drastic, the integrity of our country could be compromised.”
He added that there is a lack of awareness against potential cyber threats among the public as well. “Government issues advisories to try to make people aware of potential cyber threats but how much of it actually reaches them is the question,” Duggal said.
Also read: 79% of Indian firms say cyber security among top 5 business risks: KPMG report