Rohit Mehrotra says: The Controller of Defence Accounts (Officers) website was hacked in March 2015 wherein besides the defacement of the web page; sensitive data pertaining to Indian Army officers had been stolen and at its worst it had been corrupted. This kept the system out of gear for more than a month and a half and is yet to recover fully. The other instances of a major cyber-attack in June 2015 on the ground computer systems of the Polish Airways leading to grounding of close to 1400 passengers, cancellation of 20 flights and numerous flights getting delayed from the Warsaw Chaplin Airport followed by the incident of cyber espionage wherein critical personal data pertaining to the agents of the CIA by Chinese hackers (as accused by the US Government) who broke into the Office of Personnel Management (OPM) network in the recent past have been reported.
The latest in the line being the hacking of the Home Page of the Antrix Corporation Limited; the commercial arm of ISRO on Sunday- the 12th July. This has come precisely two days after ISRO’s successful launch of one of its heaviest missions of five British Commercial Satellites on-board PSLV-C28 from Sriharikota on 10th July 2015. While the details of the damage are being ascertained, as of now it is reported that there has been no loss of any sensitive data.
Whatever be the case; any such instance of hacking not only causes a dent to the reputation but also raises a question mark on the efficacy of security measures / systems deployed for protection of sensitive data and the critical infrastructure of the country. This instance highlights the need to re-examine the existing security imperatives and improve India’s preparedness in protecting sensitive information and vital installations both government and private against new methods of surveillance and espionage, particularly in the cyber domain. In times to come the cyber-attacks and espionage in cyber domain is bound to see a northward trend with plethora of means and expertise available to the hackers (both state sponsored and non state actors). It is prudent that we take stock of our data security mechanisms including the technological means, the procedures and of course the people to ensure that such a case does not happen because security of our national installations in ‘Cyber Domain’ is as vital as its ‘Physical Security’ and thus be treated accordingly.