The Ministry of Road Transport and Highways received an alert on 22 March of the ubiquitous cyber-attacks. The anonymous attacks are targeted towards the critical industry of the nation.
Alert from CERT-In
The Ministry of Road Transport was informed about the upcoming cyber threats by CERT-In. Intrusion activities with malicious intentions are feared. The Ministry has advised departments and organizations under the transport sector to augment its IT security systems.
Government wings under the radar
NIC, National Highways Authority of India (NHAI), National Highways and Infrastructure Development Corporation (NHIDCL), Indian Road Congress (IRC), Indian Academy of Highway Engineers (IAHE), State PWDs, Testing agencies, and Automobile manufacturers are instructed to audit their security by CERT-In certified agencies. Last year in June also NHAI has reported a cyberattack on its email server and had said that prompt action resulted in no data loss. It had shut down its server then as a precaution.
TPT Policy advocacy and recommendations
- It is now time that the government boosts its cybersecurity to sustain anonymous threats to the most critical sector of the nation. National Information Centre hosts the government mail services has been compromised several times in the past. These agencies are overburdened and under staff. Now that we are proceeding towards digitization and digitalization, the socio-economic sector becomes more vulnerable to cybercrimes.
- The government should take learnings from the POLISH National Airlines cyberattack and China Nation Train system decryptions and initiate the proposed Project NETRA to cut down cyber threats. The governing system should maintain a sync between the national and international agencies working on cybersecurity and streamline the process and protocols. Digital armed forces of trained IT-professionals must be employed to carry defensive and offensive operations. The success of deemed projects like Make in India, Digital India, and Smart India entirely depends on the omission of a cyber breach.