As per information shared by Minister of State for Home Affairs, Hansraj Gangaram Ahir, over 700 different central and state government websites were hacked in a three year period between 2013 and 2016. Ahir shared information on these attacks with the Lok Sabha on Tuesday, through a written letter. Incidentally, Tuesday was also marked as the Safer internet Day.
Ahir also shared some statistics on Cyber attacks accumulated by the Computer Emergency Response Team (CERT), which recorded 199 website breaches of central and state ministries and departments in 2016. This number ballooned from 164 government website hacks in 2015 and 155 in 2014.
As far as arrests related to Cyber crime are concerned, only 315 persons were convicted in 2014-15, of the 8,348 arrested during the same period. Indian government’s online properties have been facing frequent cyber attacks, the most recent one being that on the NSG website. The paramilitary force’s website was defaced with profane messages against the Prime Minister, along with anti-national messages. The hack was claimed by 'Alone Injector', believed to be affiliated with Pakistani operatives.
Hacker group Legion, the outfit behind breaches of Twitter accounts belonging to Congress leader Rahul Gandhi, Journalists Barkha Dutt and Ravish Kumar, had also recently threatened to attack Sansad.nic.in, the website that provides email services for various departments under the Indian government. However, Legion never carried out that threat, which was made back in December.
Attacks on India’s government websites have only been increasing over time. A microsite of the Railnet page of the Indian government was found hacked by terror outfit al Qaeda back in 2016. The hacked page belonged to the Personnel Department of Central Railways and was used for administrative purposes.
Ahir said that the government is taking several steps to address the cybersecurity problem, including policy, legal and technical measures. The government has initiated an audit of its networks and systems. It will also share threat related information with stakeholders and will issue advisories through CERT and National Critical Information Infrastructure Protection Centre (NCIIPS).