The State government has initiated steps to streamline uploading data and other operational procedures on a host of websites of different departments.
The measures are the result of Irrigation Department’s website irrigation.telangana.gov.in being hacked. The official website, maintained by the Centre for Good Governance, was found hacked on Monday when unauthorised files were uploaded in the circulars and proceedings section of the website. The uploaded files included .php ones and some unauthorised images stating “Dracula is here”.
The department stopped all access to the website and it was set aside for two days with a message that the website was under maintenance. Subsequently, the CGG advised the Irrigation Department to adopt Hyper Text Transfer Protocol Secure (HTTPS) certificate to the website as one of the solutions.
Later, all unauthorised uploaded files were deleted from the database. At present, circulars, proceedings and other information are being uploaded by one of the administrative staff of Engineer-in-Chief’s office.
The department sent one-time password to the mobile number and e-mail id of the employee at Engineer-in-Chief’s office as a security measure for logging in the system to upload files and proceedings.
Restrictions have also been placed on the kinds of files that would be uploaded allowing only PDF, Word documents (.doc, .docx), images and pictures (.jpg, .jpeg, .png) and compressed files (.zip, .rar).
All other types of files would not be allowed to be uploaded on the website from now on.
IT Department officials said steps have been initiated to streamline data uploading process into government-operated websites. Though there were standard operating procedures that the departments followed, the fact that these websites were scattered across multiple data centres gave scope for hacking.
“There are different stakeholders in the entire scheme of things, including the departments concerned, officials entering the data, security operating centre and security applications and their vendors,” a senior official told The Hindu .
The department has decided to put in place a mechanism where learning from such experiences would be shared by the departments concerned to avoid recurrence of such events.
