GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in-depth coverage of Lok Sabha and Assembly elections #ElectionsWithTheHindu

GST system is robust: Centre

Tells Rajya Sabha that the network is not directly exposed to the Internet

July 22, 2017 09:15 pm | Updated 09:19 pm IST - New Delhi

Special Correspondent
NEW DELHI, 19/09/2016: The logo of GSTN, in New Delhi on September 19, 2016. Photo: Kamal Narang

NEW DELHI, 19/09/2016: The logo of GSTN, in New Delhi on September 19, 2016. Photo: Kamal Narang

The Goods and Services Tax (GST) system is not exposed directly to the Internet and has a dedicated round-the-clock security operations command centre in its network against cyberthreats, the government has told the Rajya Sabha.

To a question, the government said on Friday that any interaction with the system was only through APIs (application programming interfaces). It had a multi-layered security architecture and had operational segregation through use of a virtual local area network.

Access privileges

There was segregation of duties, least privilege access principles, Internet Protocol (IP) filtering and blocking of rogue IPs, resiliency at each layer, secure coding practices ensuring security of GST software development throughout Software Development Lifecycle, and at-rest and in-transit data encryption, the government said.

The data sharing mechanism ensures that any data transfer from the GST system is in encrypted format. The system banks on thorough security testing and full-system vulnerability assessment and penetration testing of IT infrastructure, besides the apps used licensed tools and customised scripts, said the government.

Security incidents

According to the Indian Computer Emergency Response Team (CERT-In), a total of 44,679, 49,455, 50,362 and 27,482 cybersecurity incidents were observed during 2014, 2015, 2016 and 2017 (till June), respectively, the government said in response to another query.

The types of cybersecurity incidents include phishing, scanning/probing, website intrusions and defacements, virus/malicious code, targeted attacks, ATM malware, ransomware and denial of service attacks among other threats.

The government had taken a series of measures to strengthen the cybersecurity infrastructure. All financial institutions had been advised by CERT-In, through the Reserve Bank of India (RBI) to conduct an audit by empanelled auditors on a priority basis and take immediate steps accordingly.

Crisis plan

All organisations providing digital payment services have been mandated to report cyber security incidents to CERT-In expeditiously. The government has also formulated a Cyber Crisis Management Plan for countering cyber attacks for implementation by all ministries and departments.

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.