Kollam: The hacking incidents reported from the Kerala state secretariat likely originated from China and Pakistan. The Kerala government ignored the warnings issued by a central government agency about the weak points of the computer network in the administrative headquarters.
Meanwhile, the Information Technology department responded to the Manorama expose by plugging the source of the news, rather than addressing the problems.
The National Critical Information Infrastructure Protection Centre (NCIIPC) had alerted the state Information Technology department that the network was vulnerable and hackers could target it. The department ignored the warning it did with another alert from the National Informatics Centre about the presence of malicious software.
The Information Technology department under M Sivasankar had hired Thiruvananthapuram-based Mirox Cyber Security and Technologies Private Limited to conduct a security audit of the network in the secretariat and explore any vulnerability. Central agency C-DAC was also given a Rs 2.95 lakh contract to audit the network and the e-office database.
The 60-page recommendations given by the private firm was never implemented. There were no follow-up actions on speculations that data was transferred out of specific computers in the secretariat and that presence of malicious software was found all over the network.
Adding to the mystery is the shifting out of machines from the secretariat even as a security audit was in progress. It was not clear if the machines, supposed to be outdated and useless, were cleaned out before taking them out.
The Information Technology department defends its decision not to publicise the audit report by saying that it was bound by a non-disclosure agreement with the private firm.
