The Department of Electronics and Information Technology (DeitY) has accused the National Technical Research Organisation (NTRO),Indias technical intelligence gathering agency,of penetrating/ hacking into the National Informatics Center (NIC) network.
The DeitY has cited a report prepared by its operations division,the Indian Computer Emergency Response Team (ICERT),listing specific instances when NTRO reportedly hacked into NIC infrastructure and extracted sensitive data connected to various ministries.
NTRO has rubbished the charges. It is also learnt that NIC refused to give access (logs) to NTRO to conduct penetrative testing,the purpose of which is to sensitise agencies about cyber threats.
NIC provides internet connectivity to all ministries and its NICNET has institutional linkages with the central government,state governments and union territories. All government officials have email IDs issued by NIC.
According to official sources,J Satyanarayana,Secretary,DeitY,wrote to National Security Advisor Shivshankar Menon in February this year requesting him to examine NTROs role in hacking these email IDs.
NTRO had earlier warned that NICs network is penetrable and prone to cyber attacks. As reported by The Indian Express,over 10,000 email addresses of top government officials were hacked on July 12 last year,just days after NTRO issued an alert. The attack was blamed on state actors based in countries inimical to Indias interests.
When contacted,Satyanarayana declined to comment on the issue,saying these are internal matters. Whenever vulnerabilities in cyber security are pointed out,corrective action is taken, he said.
On being asked about NICs refusal to share logs with NTRO,Dr Y K Sharma,DG,NIC said: We follow government instructions and it is not appropriate to comment on departmental issues. Our network is safe but problems do happen,not only in India but the world over.
Dr Gulshan Rai,DG,ICERT,was unavailable for comment. However,another ICERT official blamed NTRO for creating unnecessary panic.
NTRO chief P V Kumar was also not available for comment. But NTRO sources,requesting anonymity,questioned the ICERT report. Why would NTRO do it? said an official.
Meanwhile,the IB and R&AW are reported to have told the government that NTROs role should be downgraded to that of a service provider.
Web of charges
DEPT of Electronics and Information Technology says NTRO hacked NIC network,extracted sensitive data linked to different ministries.
NIC refuses to give access (logs) to NTRO to conduct penetrative testing.
NTRO warns NICs network is prone to cyber attacks.
ON July 12,2012 over 10,000 email IDs of top officials were hacked.
IB,R&AW want NTROs role to be downgraded.