Hackers have cut through a number of government websites during the period January 2005 to February 2008, including one belonging to a defence related pay office in January 2006, as per information tracked and reported to the Indian Computer Emergency Response Team (CERT-In) of the department of information technology. The websites hacked included those belonging to ministry of railways, air cargo customs (Mumbai), Forward Markets Commission, National Institute of Health and Family Welfare, National Institute of Social Defence, department of administrative reforms and public grievances, wireless planning and coordination wing, Bharat Sanchar Nigam Limited, Telecom Regulatory Authority of India, department of information technology, and the Anthropological Survey of India. The websites were hacked by exploiting technical vulnerabilities in the operating systems, web server, database software and application software. The government has taken several remedial measures in regard to securing the websites and enhancing the cyber security of information technology infrastructure in the country; these include (i) CERT-In has published a `Security Guideline for Securing Websites' and these have been widely circulated for implementation. (ii) CERT-In issues security alerts, advisories to prevent occurrence of cyber incidents and also conducts security workshops and training programs on regular basis to enhance user awareness. (iii) The organisations operating critical information infrastructure has been advised to implement information security management practices based on International Standard ISO 27001. This information was given by the minister of state for communications and information technology, Shakeel Ahmad in a written reply in the Lok Sabha today.
|