TMCnet News

Hackers force govt to review software use [Thiruvananthapuram] [Times of India]
[December 21, 2013]

Hackers force govt to review software use [Thiruvananthapuram] [Times of India]


(Times of India Via Acquire Media NewsEdge) THIRUVANANTHAPURAM: Mass defacement of the state government departmental websites by hackers is forcing the information and public relations department (I&PRD) and C-DIT to consider moving from free and open source software to proprietary software.



The Computer Emergency Response Team-Kerala (CERT-K) recently suggested that the I&PRD move from free software to proprietary software to prevent hackers from getting the better of them. The official government website maintained by I&PRD, www.kerala.gov.in, and its own website, www.prd.kerala.gov.in, are hosted by Joomla, a free and open-source content management framework.

A top-level CERT-K official said that when Joomla module versions change, development teams do not upgrade to newer versions, this leaves websites vulnerable to attacks. "The state government must develop a high-level cyber security team, especially as the government is moving toward a total e-governed state. The revenue and MVD departments and other departments are accepting payments online so the government cannot afford to slack on cyber security," said the official.


An I&PRD official from the Web and New Media Division said CERT was right in suggesting the move to proprietary software.

"With open source software, it is at times difficult to upgrade some modules to a higher version. With proprietary software, the company itself provides periodical upgrades, which are easier to maintain. However, we need other security measures suggested by the CERT such as strengthening passwords, etc," said the official.

"There was a suggestion by CERT to move from open source to proprietary software, but no decision has been taken on it. It would be a very time consuming and costly affair as we maintain around 100 websites," said Babu Gopalakrishnan, director, C-DIT.

"The last time that a state government department website was hacked was on December 7 and we figured that out from a forum that the hacker used to boast about his achievement. No hacking goes without someone taking credit for it, so we keep a close watch on many online forums, but it is not easy to track the origin of the hacker as they use proxy servers that touch many countries. With Kerala being a big promoter of free and open source software, it makes it an easy target," said the CERT official. The I&PRD also clarified that that if people were unable to access sites hosted by C-DIT on Wednesday and Thursday, it was due to a BSNL network problem and not the work of hackers.

(c) 2013 Bennett, Coleman & Company Limited

[ Back To TMCnet.com's Homepage ]