The Minister of State for Communications and Information Technology, Sachin Pilot, has informed the Parliament of India, that a total of 117 Government websites were defaced during the period January to June, 2011. He said that all the affected organizations and departments were requested to provide web server logs of hacked websites for analysis and for identifying the nature and type of attack and vulnerabilities exploited by the hacker. Based on the analysis the organizations were advised to take specific steps to strengthen the security of websites. The analysis report alongwith countermeasures to plug the exploited vulnerabilities was provided to the affected organizations by Indian Computer Emergency Response Team (CERT-In).
Replying to a question asked in the Parliament, Pilot also disclosed that the information on the website of National Investigation Agency (NIA) was temporarily disabled, however, the website was not hacked, and that the government has taken various steps towards ensuring cyber security, including:
– A cyber security audit for all new Government websites and applications, before and after their hosting.
– The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats and countermeasures on regular basis.
– The National Informatics Centre or NIC, which hosts government sites, has been directed not to host websites without audit.
– The NIC is continuously upgrading and improving the security posture of its hosting infrastructure.
– All Ministries/ Departments of Central Government and State Governments are implementing a Crisis Management Plan to counter cyber attacks and cyber terrorism.
Recently, there were reports that the NIC website was hacked into by Anonymous, a global, anarchic collective of online activists (rather, hacktivists), to protest against Delhi Police’s action against Baba Ramdev’s anti corruption campaign. Last week, a Pakistani hacker group, Pakistan Cyber Army had claimed to have hacked the website of Bharat Sanchaar Nigam Ltd (BSNL), gaining access to information of 10,000 users including names, email addresses, phone numbers and location.