- As most Union government offices are expected to go fully digital by the end of February 2023, several security measures have been put in place to avoid any cybersecurity incidents such as the recent cyber and ransomware attack on the servers of the All India Institute of Medical Sciences (AIIMS) in Delhi.
- Cabinet Secretary Rajiv Gauba has directed all the Union government Ministries and Departments to migrate to e-office 7.0, an in-house system developed by the National Informatics Centre (NIC), by February.
- The half-yearly report of the Computer Emergency Response System (CERT-IN) published in August said ransomware incidents continued to grow in 2022, with attacks across multiple sectors, including critical infrastructure.
- It said that “post-COVID accelerated digitalisation and hybrid work culture are also aiding this threat emergence”, adding that ransomware attacks jumped 51% during the first half of 2022 from the previous year.
- Srinivas, Secretary, Department of Administrative Reforms and Public Grievances, said e-office was a highly secure system with timely security audits and adequate firewalls.
- “It is important to note that e-office is for unclassified files, with two-factor authentication and is not available on the Internet but on NICNET. It has mandatory features of authentication of documents with digitally signed certificates and e-signatures,” Mr. Srinivas said.
- So far, 74 Ministries and Departments have migrated to e-office version 7.0.
- At least 13 offices that are yet to migrate to the updated system are the Comptroller and Auditor General (CAG), the Election Commission of India, the Department of Commerce, Ministries of Cooperation, External Affairs, New and Renewable Energy, Parliamentary Affairs, Petroleum and Natural Gas, Power, Transport and Highways, Textiles and Tribal Affairs.
- Data show that the number of e-files generated in the past two years has seen a massive increase. In 2020, the total number of e-files generated across Ministries stood at 14.27 lakh, which increased to 27.02 lakh e-files till September 30, 2022.
- The number of such files are projected to go up to 31.65 lakh files by March 31, 2023.
- According to the present norms, the e-office does not cater to the requirements of “secret, top secret, classified communications” and such files are only handled on physical mode.
- The e-office application is regularly audited for known vulnerabilities by third party agencies on the panel of CERT-IN, the officer said. He said that the infrastructure was also audited annually by the third party agencies. The servers were hosted in the National Data Centre.
- On December 20, the government informed the Lok Sabha that the November 23 cyberattack at AIIMS took place as “unknown threat elements” tampered with the Information Technology servers at the hospital due to “improper network segmentation.”
- It added that the IT system at the hospital was managed in-house and post-attack, CERT-IN and other agencies had suggested measures to protect the system. CERT-IN said that 12,67,564 cybersecurity incidents were reported from January-November 2022, while the years 2018, 2019, 2020 and 2021 reported 2,08,456, 3,94,499, 11,58,208 and 14,02,809 incidents, respectively.
SOURCE: THE HINDU, THE ECONOMIC TIMES, PIB