HYDERABAD: Threats in the form of malwares and ransomwares are common while maintaining a website or a digital framework of an entity. However, sometimes the origins of these attacks raise a lot of questions and leave officials wary. State government officials recently have detected many hacking and security breach attempts originating from Pakistan and Russia on departmental websites.
Sources in the government said that these hackers perpetrate ‘denial of service’ attack, which works by overloading a server, which causes the site to crash and thereby denying access to genuine users. “They ping your server more than its limit and genuine users do not get access. Officials start investigating when the pings go more than the limit,” said a government official.
The major work of those who maintain servers, and in this case of servers that cater to the State government’s data, is to keep a track on such events and nip the problem in the bud. If someone accesses a website from outside the country, it could be because either their network was rerouted or the origin itself was foreign. In the latter, officials have flagged IP addresses when they try to access features like File Transfer Protocol. “If he is trying to login to FTP it means he is trying to change something in it.”It is then that the technicians start blocking series of IPs.
It is then that the technicians start blocking series of IPs and also put them on watch mode. It is important to note that IP addresses are dynamic, and it gets reassigned to a new user every time. So these experts, after red flagging the IPs from where threats were detected, keep a track of them if they are used again.
Apart from this, precautionary steps have been taken by the Information Technology, Electronics and Communications department. An official said that departments have to do complete security audit of their digital application and submit their certificates to the ITEC department. These audits have to be done every six months because the applications keep on changing.