BHUBANESWAR: Even as Odisha’s internet users’ base continues to widen, a parallel rise in cyber threat has become a matter of great concern.Citing that a number of important government websites in Odisha are prone to cyber attack, the National Critical Information Infrastructure Protection Centre (NCIIPC) has sought a report from the state government on steps taken to thwart vulnerability and protect data.
The NCIIPC, a unit of National Technical Research Organisation (NTRO), has found vulnerability in at least 26 websites in the state. The websites included Odisha budget, Handlooms and Textiles department, Culture department, State Commission for Persons with Disabilities, Rebate Management System, Madhusudan Academy, State Financial Corporation, Berhampur Municipal Corporation and state scholarship portal.
The Centre has also issued an advisory to make all government departments using e-office aware of the security risks. As per the advisory, scanned documents containing sensitive information are not recommended to be hosted on the e-office.Officials will have to ensure that the latest antivirus and anti-malware software on computers through which the e-office is accessed are regularly updated.
The implementation of e-office in various departments might have brought about a great deal of efficiency in the overall working and disposal of government business, besides ensuring the functionality of the government, but cyber attacks have become the latest threat.Notwithstanding the benefits, the websites like any other IT-based system, are susceptible to online invasions especially ethical hacking, keylogger and phishing. The security of the system may be strengthened, but dangers cannot be overruled, stated the advisory.
Though the Centre has been seeking compliance status on its vulnerability assessment (VA) reports every month since January, no report has been sent by the government.“NCIIPC has been sharing the VA reports in respect of ICT infrastructure of the Odisha government from time to time. But it has not received the action taken report,” read a communication to the chief secretary.
Meanwhile, the Odisha Computer Application Centre (OCAC) has urged the respective departments to instruct the developers of the websites to fix the application bug without delay following the NCIIPC advisory.The departments have been asked to conduct a regular cyber security audit and obtain a ‘safe to host’ certificate which is mandatory for hosting the application in Odisha State Data Centre (OSDC).