Home Ministry's Website Hack: A Wake-Up CallGovernment Needs to Do More to Mitigate the Risks
Hackers gained unauthorized access to information on the website of the Ministry of Home Affairs on February 12, prompting authorities to temporarily block it, according to news media reports. The National Informatics Centre, the Intelligence Bureau, the National Investigation Agency and Delhi's law enforcement agencies are investigating.
Meanwhile, security experts are questioning why the ministry apparently didn't do enough to protect its website, especially after it made claims about protecting India against increasing cybercrime with key measures in the past year.
India needs to develop a systematic approach to training experts to monitor cyber threats and send alerts to various departments.
Ministry sources say the hackers may be associated with Inter-Services Intelligence (ISI) of Pakistan, which has been launching cyberattacks on Indian government websites - and sometimes defacing them - in the past year.
Once it evaluated the security features of the Ministry of Home Affairs website, the National Informatics Centre, which hosts all government servers, brought the site back up after blocking access for two days.
The Ministry of Electronics and IT (MeitY) says that over 700 websites of central and state departments were hacked in the past four years, with most of the hackers involved arrested.
CERT-In's report says 199 websites of central ministries/departments and state governments were hacked in 2016, 164 in 2015, 155 in 2014 and 189 in 2013, clearly indicating an increase in cybercrime.
Last month, suspected Pakistan-linked operatives hacked the India National Security Guard's website, defacing it with a profanity-laden message against the prime minister and anti-India content, according to NDTV, which reported the hackers, identifying themselves as 'Alone Injector', posted the offensive content on the site's home page.
A series of website defacements suspected as being linked to Pakastani hackers, including those targeting Canara Bank, Karnataka Police, and Assam police, have been reported in regional news media. Those attacks also reportedly involved inserting a malicious page to prevent transactions.
Cybersecurity Comes Up Short
It seems that Indian organizations are easy prey for hacker attacks against their websites. What can be done to mitigate the risks?
Union Home Minister Rajnath Singh has been reiterating that India needs to create new barriers to block hackers.
But there's little evidence of progress in this risk mitigation effort. How will India achieve its goal of creating cybersecure ecosystem?
Some recommendations from the home ministry were:
- Setting up a Cyber Crime Coordination Center with branches across all states with an investment of $85 million, increasing by 40 percent annually;
- Having the new coordination center collaborate with the Crime and Criminal Tracking Network & Systems and the National Intelligence Grid to share access to databases that have information related to crime and criminals;
- Applying social media for analytics to monitor activities related to various government organizations;
- Monitoring of online shopping and social networking websites;
- Reducing dependency on foreign servers and ensuring one dedicated secure gateway for all government communication.
Some security practitioners in the government, however, contend that little progress has been made in implementing these recommendations.
Another important measure by the home minister was to instruct the Intelligence Bureau to create a cybersecurity architecture exclusively for the home department.
The minister had also given the go-ahead to create a specialized wing and an additional 500 new posts in the intelligence wing, headed by an officer of joint director rank.
But too many government security initiatives are tactical in nature and incident-driven, with no thought given to data analysis or information flow.
It's difficult for India's government to investigate hack attacks against its websites because the government lacks those with forensics expertise, says Rakshit Tandon, cybersecurity adviser, Uttar Pradesh Police Task Force.
Bangalore-based Sanjay Sahay, additional director general of police-cybercrime, Karnataka Police, says the key challenge is finding the right resources and capabilities to develop a defensive forensic and incidence response mechanism and build auditing capabilities against hacktivism.
India's efforts to boost cybersecurity will clearly stall until incident investigation and grievance handling mechanisms improve. CERT-In could play a major role in creating an effective incidence response mechanism.
India needs to develop a systematic approach to training experts to monitor cyber threats and send alerts to various departments. The government needs more well-trained techno-legal staff with good data compilation and analytical skills to help in the battle against hackers.