Investigation exposes potential security gaps in government domains

Hyderabad: An investigation by two cyber security agencies revealed potential security gaps in Indian State Governments’ Public-Facing Assets, high susceptibility to ransomware, and an increased risk of data breaches and losses.

The investigation to passively examine the domains of Indian state governments and Union territories has revealed that over 10% of domains in Indian states do not have the Secure Sockets Layer (SSL) encryption—a basic security protocol layer.

“Without the SSL encryption, hackers and threat groups can mount attacks easily and intercept sensitive data. Hundreds of highly sensitive protocols are currently exposed to the internet. These are the most vulnerable and popular exposures threat actors seek. As many as 293 instances of the SSH protocol and 67 instances of the FTP exposed to the internet,” the investigation found.

Additionally, over 700 credentials with passwords from all state domains leaked onto the deep and dark web, making these domains extremely vulnerable to phishing attacks, credential misuse, and impersonation. The investigation also found 537 instances of ransomware exposure, which makes the domains extremely vulnerable to ransomware attacks.

“When basic cyber hygiene is not robust, it leaves governments and organisations extremely vulnerable to cyberattacks. All organisations and governments must remain vigilant when shoring up their cyber defences. We will continue to highlight areas of improvement for governments and organisations to protect against ransomware attacks,” said Securin Inc. and Ivanti, who conducted the investigation.