As per the information tracked by, and reported to Indian Computer Emergency Response Team (CERT-In), Department of Information Technology, a number of Government websites have been hacked during the period January, 2005 to February, 2008; of which one pertained to a defence related pay office in January, 2006.

The websites hacked included those belonging to Ministry of Railways, Air Cargo Customs (Mumbai), Forward markets Commission, National Institute of Health and Family Welfare, National Institute of Social Defence, Department of Administrative Reforms and Public Grievances, Wireless Planning & Coordination Wing, Bharat Sanchar Nigam Limited, Telecom Regulatory Authority of India, Department of Information Technology and Anthropological Survey of India.

The websites were hacked by exploiting technical vulnerabilities in the operating systems, web server, database software and application software.

The Government has taken several measures to enhance cyber security of IT infrastructure in India. These include (i) CERT-In has published a Security Guideline for “Securing Websites” and these have been widely circulated for implementation. (ii) CERT-In issues security alerts, advisories to prevent occurrence of cyber incidents and also conducts security workshops and training programs on regular basis to enhance user awareness. (iii) The organisations operating critical information infrastructure have been advised to implement information security management practices based on International Standard ISO 27001.

This information was given by the Minister of State for Communications and Information Technology, Dr. Shakeel Ahmad in a written reply to an un-starred question in the Lok Sabha.