Rising attacks on websites expose Net vulnerabilities
With several government websites hacked or defaced over the last few days, members of the hacker group ‘Anonymous’ have labelled the country’s cyber security setup a 'joke', and said they could easily hack into servers of most government organisations.
In replies to various questions on cyber security in Parliament, HRD minister Kapil Sibal and Sachin Pilot had referred to the Indian Computer Emergency Response Team as the agency to tackle cyber issues.
But In-CERT can only respond to cyber incidents; preventive measures are not its domain.
In fact, Anonymous hackers made a Denial of Service (DoS) attack on the CERT website about 10 days ago. Though CERT denied the attack, it quickly issued an advisory about hackers attacking websites using DoS.
After the attacks on state government websites, whi-ch Anonymous says will continue, ACP (Cyber Crime Cell) K. Chitti Babu said the city police did not register any case as it is not competent enough to deal with such cases.
Interestingly, the city police website lists ‘Unauthorised access and hacking’ and ‘Denial of Service’ attacks among other areas it deals with.
The government had, a few years ago, created National Technical Research Organization (NTRO) to take care of cyber security. In 2007, then CM Y.S. Rajasekhara Reddy announced creation of a National Institute of Cryptology Research and Development here under NTRO. The dream is yet to come true, even as NTRO is mired in controversy.
After the attacks on state government websites, which Anonymous says will continue, ACP (Cyber Crime Cell) K. Chitti Babu said the city police did not register any case because it is not competent enough.
“We don’t have the expertise to look into hacking cases. We only have a few constables in the cyber cell,” he said.
Interestingly, the city police website lists ‘Unauthorised access and hacking’ and ‘Denial of Service’ attacks among other areas it deals with.
While the import of cyber security is now recognised across the globe, both the Centre and the state government have done little to raise the bar.
Under Section 70A of IT Act, amended in 2008, the Centre is required to designate a government organisation to secure critical information infrastructure protection, or to secure cyber space. But four years on, no such organisation has been designated.
Answering a question in Parliament last month, Union minister of state for communications and information technology, Sachin Pilot, said 248 government websites had been hacked last year, and 133 in the first three months of this year. The figures notwithstanding, there is no nodal agency in the country to look after cyber security, experts pointed out.
Evms safe from hackers: EC
Refuting some ethical hackers’ claim that electronic voting machines are vulnerable to hacking, Election Commission of India officials on Thursday said that the EVMs were foolproof.
“EVMs have been proven to be safe. If there are hackers who do not believe so, they are welcome to test it and prove their capabilities,” Prof. Indiresan, chairman of the commission’s technical experts panel, said.
But Rahul Raghavan, an ethical hacker, said such electronic devices could be hacked if the memory module is tampered with.
Deputy election commissioner of India Dr Alok Shukla said, “The several foolproof technical and administrative security features in the EVMs make it impossible to hack.”
State chief electoral officer Banwarlal said, “EVMs are standalone machines, completely cut off from the rest of the world, including the wireless mode, and are thus highly secure from any manipulation.