An initial investigation into instances of users being redirected from government websites to porn sites has found that some systems at government offices that maintain the websites were found logged into ‘unauthorised websites’ from where officials intentionally or inadvertently downloaded malware.
Cyber security experts in investigating agencies told News18 on condition of anonymity that the latest instance of a user being redirected from a central ministry’s website to a porn site was reported last month. The “critical issue” raised a security concern, an official said.
According to a senior government official, websites run by the government have sometimes been found to be redirecting traffic to porn websites due a malware triggered by unauthorised access to the systems. To address the security concern, a detailed analysis has been initiated.
Officials said the initial investigation revealed that few systems were found to be logging onto ‘unauthorised websites’ from the malware was downloaded. It is suspected that some staff members, knowingly or unknowingly, downloaded the corrupt files, following which websites started redirecting users to adult sites, a senior government official privy to the development told News18.
“Some cases were reported or noticed by MHA’s cyber security agency and Indian Computer Emergency Response Team (CERT-In) was also roped in to address the issue. Websites redirecting users to a porn website could be because of not following cyber hygiene, watching adult content or clicking unsecured links,” the senior official added.
Though officials claimed that access to ‘unauthorised websites’ is barred on the systems, cyber experts said it is tough to protect the system 100%.
According to observations by CERT-In, “hacktivist groups have used DDoS (Distributed Denial of Service) to attack websites and Information and Communication Technology (ICT) infrastructure of India and other countries.”
“The attacks include DDOS attacks directed at individual servers, an amplification attack that directs a large volume of traffic toward a victim’s network,” an official communication released last week said.
Comments
0 comment