On 6 April 2018, the Indian government reported that its Ministry of Defence website had been hacked. An error message was displayed on the home page instead of regular content, and the appearance of Chinese characters on the page caused a furore on social media. A tweet from Nirmala Sitharaman, the defence minister, confirmed the incident.
On the same day, nine other government websites were reported as inaccessible, displaying the error message: “The requested service is temporarily unavailable. Sorry for Inconvenience. It would be available soon.”
However, the National Informatics Centre (NIC), which develops and manages all Indian government websites, soon clarified that that website has not been hacked and that the issues were the result of a hardware error.
Gulshan Rai, head of the Computer Emergency Response Team (CERT), also refuted the website hack claims. “It is a hardware failure, affecting around 10 government websites […] The websites will be restored soon,” he said.
Although the incident was the result of technical issues rather than malicious intent, the sites still experienced more than eight hours of downtime – something unacceptable in today’s digital age, be it a government website or a business enterprise. It affects customers’ and, in this case, citizens’ perceptions and can lead to reputational damage and financial losses. Fortunately, there are standards available to help ensure the security of your IT infrastructure.
ISO 27001 is the international standard that describes best practice for an information security management system (ISMS). Certifying to the Standard demonstrates that your organisation is following information security best practice, and will help you to identify and tackle security threats and vulnerabilities.
IT Governance offers a range of ISO 27001 products and services to help your organisation, from training courses for staff to ISO 27001 certification. Find out more on our website, or download our free green paper, Information Security & ISO 27001: An introduction.