Even after stringent measures enforced by Indian Government, hackers across the world have managed to hack over 155 Government websites which generally reside on GOV.IN and NIC.IN domains.
Even though the number of hacking incidents have reduced over previous years, it is still significant number.
According to the information given by Indian Minister for Communication & Information Technology Shri Ravi Shankar Prasad in Rajya Sabha today, a total of 32,323 Indian websites tracked by Indian Computer Emergency Response Team (CERT-In) were hacked in 2014. This number is highest over past 5 years. In comparison, 28,481 were hacked in 2013.
Here are number of Indian websites that have been hacked over past 4 years.
While high number generic website hacking is due to individuals not adhering properly to security requirements of the website, the number of Government websites that get hacked are definitely a worry.
High number of Govt websites getting hacked also shows that hackers are getting better with time and Govt officials are not able to keep up with it. While India has Computer Emergency Response Team (CERT-In) put in place to closely monitor hacking incidents, they are still happening at regular intervals.
What are the steps taken by Indian Govt?
According to statement made by IT minister all Central Government Ministries / Departments and State / Union Territory Governments have been advised to conduct security auditing of entire Information Technology infrastructure.
Going forward, all the new government websites and applications are going to be audited with respect to cyber security prior to their hosting. The auditing of the websites and applications will be conducted on a regular basis after hosting also.
Apart from this, Govt has now mandated that all government websites are to be hosted on infrastructure of National Informatics Centre (NIC), Education and Research Network (ERNET). Also, no website will be hosted on NIC or ERNET that has not undergone security audit.
As a proactive measure, CERT-in also issues alerts and advisories regarding latest cyber threats and countermeasures on regular basis. You can visit CERT-in website for more details.
