by Saikat Datta, Hindustan Times
A major security breach of the National Informatics Centre (NIC), which runs all the emails of senior officials and websites of all central government departments, allowed hackers to issue several fraudulent digital certificates, raising global concerns about India’s net security practices.
The NIC is one of the select few authorised entities allowed to issue digital certificates and signatures that lie at the core of safe internet transactions. On June 25, hackers managed to breach its security and access all the data on its root directory that hosts its most sensitive data. They issued several fake digital certificates that went undetected for several days.
Digital certificates help authenticate users and allow them safely log into emails, make payments and conduct sensitive transactions. A fake certificate can compromise critical data like passwords, names and personal data of internet users as well as cause huge financial frauds if left undetected.
With NIC failing to detect this breach, the matter would have been buried but for alarms raised by global IT majors like Google, Microsoft and Yahoo. Most of the web traffic passes through their browsers and search engines and an undetected fake certificate could have led to major frauds and loss of sensitive data.
Read the entire article here.
(c) 2014 Hindustan Times. Excerpted here with permission from Hindustan Times