‘No cyber breach in NIC email system’
The email system is equipped with a defense-in-depth security architecture with a layered security approach, the Union IT ministry said
NEW DELHI: There was no breach in the government’s official email system maintained by the National Informatics Centre (NIC), the Union ministry of electronics and information technology told Parliament last week, in a stand that appeared to contradict several cybersecurity incidents in the past year.
In February, HT reported on a series of phishing mails by attackers who gained access to NIC domain email addresses, triggering multiple advisories by different government IT departments warning officials against opening attachments or links contained within them. HT is aware of at least two people — former defence ministry officials — whose devices were hacked at the time. “No,” the ministry said in response to a question by a Lok Sabha member who asked to know “whether there was a cyber security breach into the e-mail system of Government maintained by NIC in recent past.”
The response, by Union minister of state for the IT ministry Rajeev Chandrashekhar, also added: “The email system is equipped with a defense-in-depth security architecture with a layered security approach. All incoming mails are scanned for the presence of any malware, spam, phishing, spoofing, sender reputation etc. In addition to the above, network level firewall, application level firewall, Intrusion Prevention System etc. are deployed…”
“In order to enhance the security of email accounts, NIC has implemented geo-fencing. This allows access to the user’s email account only from the country where the user is physically present,” the minister added.
The government also added that it had made multi-factor user authentication “mandatory for email access and is being rolled out for email users to strengthen the email account security”.
Multi-factor user authentication refers to a second requirement, usually a one-time password, for someone to access an email service in addition to their password.
Altogether, HT is aware of at least six NIC domain addresses – five with @gov.in addresses and one with @nic.in – which have been used to send out phishing emails, prodding users to download attachments or click on links that could ultimately compromise their devices. Senior government officials, including those from the ministries of defence and external affairs, received these emails, some of the recipients confirmed to HT at the time.
NIC, which runs the official email service for the government, at the time clarified that the compromised emails were blocked immediately and no breach or loss of data was reported. Experts said the multi-factor authentication in a system such as NIC’s may not make it fool-proof and that the reply does not acknowledge the magnitude of cybersecurity challenges.