Cyber experts sound alert about vulnerability of govt sites, Aadhar data at risk
RANCHI: Cyber experts have sounded an alert about vulnerability of sites of government of Jharkhand. One of the defaced accounts of state human rights commission, hacked by one Team Hind hackers reads “this website has been officially hacked, and I am really not happy to do so…..I want Indian websites to be more secured and not like this that every other Pakistani just comes and deface it,” (sic). The hacker team has offered his services to secure the sites by providing his facebook page link.
Also read this:-Supreme Court website hacked?
Corroborating the claim, founder Cyber Peace Foundation (CPF) and National Anti-hacking group Vineet Kumar said most of the government websites are highly insecure but unless the government approaches officially for conducting security audit, it was beyond their scope to hold any survey. “We do offer complimentary discovery assessment and conduct surveys for different sites for our internal research and development of security system,” he said.
The matter is known to government and a project code named JC3 (Jharkhand Cyber Coordination Centre) is under consideration of state government but if director information technology, government of Jharkhand UP Shah is to be believed all the websites managed by state government are secure. “Some of the old websites or websites of government departments that were outsourced to private companies could be vulnerable and prone to hacking but we have a secure system in place,” he said. Asked if it was safe enough to seed aadhar number with government departments that do not have secure websites, Shah said that the department like food, public distribution and consumer affairs is only collecting Aadhar number and not the biometric details. “Process of aadhar authentication is online and done through the UIDAI website hence there is hardly any chance of biometric details being stolen,” he said.
साइबर ठगों ने पूर्व सीजेआई आरएम लोढा को निशाना बनाते हुए एक लाख रुपए ठग लिये. खबर है कि ठगों ने जस्टिस आरएम लोढा के करीबी दोस्त के ईमेल अकाउंट से संदेश भेजकर एक लाख रुपए की ठगी कर ली.
Also read this:-Aadhaar hearing: Bench questions why both right to privacy and right to food cannot be secured under the Constitution
Cyber experts however believe that the situation is completely different on ground. Biometric details and data for Aadhar are being collected at private centres, many of which are cyber cafes with minimal security measures in place. Vineet said that as per survey conducted by National Antihacking Group (NAG) in 2013 majority of the cyber cafes and public internet booths were found to be infected with malware. “These aadhar data collection centres can not only copy biometric details on pendrive and sell it to cyber criminals but are soft target for the criminals as well because most of them use pirated software and the system is not protected by security applications, with firewall, Antivirus and internet security software” he said.
Also read this:-Supreme Court dismisses Dawood Ibrahim kin’s plea against attachment of properties
Sharing experience of wi-fi war drive experiment conducted in 2013-14 Vineet said that most of the wifi services including those of government and major institutions are open and accessible to general user, prone to cyber attacks and invitation to ransomeware.