Why govt orders security audit of IT infrastructure?

NEW DELHI: Alarmed at the rising cases of cyber attacks emanating from the web space of a host of nations, including Pakistan, China and the UAE, the Centre has ordered security auditing of the entire IT infrastructure of the central and the state governments.

There has been a spurt in cyber crimes against Indian establishments and the exercise has been initiated to check the preparation of government establishments against such activities, communications and IT minister Ravi Shankar Prasad said on Monday.

“All central government ministries/departments and state/Union Territory governments have been advised to conduct security auditing of entire IT infrastructure. All the new government websites and applications are to be audited with respect to cyber security prior to their hosting,” Prasad informed Lok Sabha.

21,699 websites were hacked in India in 2011, which grew to 27,605 in 2012 and 28,481 in 2013. In the five months of 2014, a total of 9,174 hacking incidents have been reported so far.

Apart from the hacking incidents, the Indian Computer Emergency Response Team (CERT-In) reported 13,301 incidents of web security breach in 2011, which grew to 22,060 in 2012, and to 71,780 incidents in 2013. So far this year, 62,189 units have been reported. “These incidents included phishing, scanning, spam, malicious code, website intrusions etc,” Prasad said.

The attacks have been observed to be originating from the cyber space of a number of countries including Pakistan, China, UAE, US, Turkey, Brazil, Bangladesh, Algeria and nations in Europe.

The government has circulated computer security policy and guidelines to all the ministries and departments, regarding steps to be taken to prevent, detect and mitigate cyber crimes. Also, it has circulated crisis-management plans for countering cyber attacks and cyber terrorism, Prasad said. The government has also set up sectoral CERTs in the critical areas of defence and finance.

As per the cyber crime data maintained by the National crime Records Bureau, a total of 1,791 cases were registered in 2011, which grew to 2,876 cases in 2012, and to 4,356 cases in 2013. Within these, there has been a spurt in cyber crimes where cases were registered under the Indian Penal Code.

The home ministry has issued an advisory to state governments on cyber crime. “State governments have been advised to build adequate technical capacity in handling cyber crime including technical infrastructure, cyber police stations and trained manpower for detection, registration, investigation and prosecution of cyber crimes,” Prasad said. The government has also initiated steps on development of cyber forensics tools and for training police and judicial officers in these so that the digital evidence can be presented in courts.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s