SUMMARY
110 government websites were hacked in 2018
Government has established for the protection of critical information infrastructure
Government has empanelled 90 security auditing organisations to secure its websites
Amid the increasing number of hacking, data theft, and privacy breach cases, it seems that the Indian government has learnt from its past mistakes as it was able to reduce the number of hacks on state-operated websites this year.
In response to a question in Lok Sabha, Ravi Shankar Prasad, Union Minister for Electronics and Information Technology (MeitY), said that 48 government websites were hacked between January and October 2019.
This is a significant drop from previous years. To be precise, a total number of 199, 172, 110 websites of various ministries, departments and state governments were hacked during the year 2016, 2017, 2018 respectively.
However, Prasad didn’t specify whether different websites were affected or the same websites were hacked more than once with no information on the state-wise break up of hacked websites.
Government Securing The Internet
Further informing about the initiatives taken by the government to strengthen the cybersecurity in the country, Prasad said that the government has established the National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country, as per the provisions of section 70A of the Information Technology (IT) Act, 2000.
Moreover, the Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding the latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on a regular basis, he added.
On how the government is securing its websites, Prasad said that all the government websites and applications are to be audited with respect to cybersecurity prior to their hosting. “The auditing of the websites and applications is conducted on a regular basis after hosting also,” he added.
For the auditing process, the government has empanelled 90 security auditing organisations to support and audit the implementation of the best security practices of the websites.
Prasad further said that the government has formulated a crisis management plan for countering cyber attacks and cyber-terrorism. “Cybersecurity mock drills are being conducted regularly to enable assessment of cybersecurity posture and preparedness of government organisations,” he added.
So far CERT-In has conducted 44 such drills by where 265 organisations from different states and sectors such as finance, defence, power, telecom, transport, energy, space, among others, participated.
Moreover, the government has launched a Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The centre helps in the detection of malicious programs and also provides free tools to remove the same.
