To protect sensitive information networks in an efficient manner, the government has decided not to host any defence website on private servers.
“We have issued instructions not to take private servers for hosting Army websites. I can assure the member that no operational matter of the Army, Air Force or Navy is on the internet. It is all on intranet,” Defence Minister Manohar Parrikar informed the Lok Sabha during question hour on Friday, in response to questions on the cyber network security in defence.
K Parsuraman, AIADMK member for Thanjavur, in a supplementary question said cyber insecurity is prevalent in all sectors, and can become a big challenge for the defence sector also.
“Recently, the personal details of over 50,000 Army officers, including the Chief of Army Staff, are believed to have been compromised following the hacking of the website of the Office of the Principal Controller of Defence Accounts,” he said while wanting to know about the government’s action in this regard.
Parrikar assured the House that action has already been taken by securing the website and hosting it on the NIC network. “It was a case of a private server that was used on outsourcing. We have ensured that the information has been blocked, the site has been blocked,” he said, clarifying that as the operational matter of the defence is on intranet only, it is within the force-specific network for the Army, Air Force and Navy. “It is air-gapped from the internet. It cannot be hacked because it is not on the internet,” he added. The Minister also informed the House in writing that the government has taken a number of steps to protect confidential information pertaining to the defence sector from cyber attacks. “There are no reports of defence sector networks being attacked by cyber hackers and foreign intelligence agencies. However, cyber attacks are faced by internet-connected personal computers and these relate to unauthorised data access, denial of service, compromise of logic credentials,” he said.
Cyber emergency team Parrikar said the defence services have established Cyber Emergency Response Teams (CERTs) to prevent cyber attacks. There are safeguards in the form of audits and physical checks.
“Policies, guidelines and procedures are laid down and cyber security advisories are issued from time to time.”