Bengaluru: The govt Thursday revealed that the distributed denial of service (DDoS) attack on Kaveri 2.0 web portal emanated from an IP address outside the state. The cyberattack crippled the stamps and registration department for nearly a month, severely affecting property registration and revenue collection.
“We were able to track down the location of the attack and details have been shared with investigators,” said an official from the e-governance department, refusing to disclose further details. However, despite the breakthrough, a formal complaint is yet to be lodged by the inspector general of registration (IGR).
To strengthen the portal’s security, a special team of domain experts is reviewing vulnerabilities in the Kaveri software at both its front and back-end systems. Meanwhile, revenue minister Krishna Byre Gowda has directed a third-party audit of all software used by his department.
“The team will include domain experts from institutes like IIIT and other places. They will review the safety of govt data,” Byre Gowda said.
Pankaj Kumar Pandey, e-governance principal secretary said, global tenders have already been floated for a comprehensive security audit of all govt portals. “Third-party audits are a routine matter conducted mandatorily every three to six months. However, with the DDoS attack, we will be more stringent. We intend to put in proper safety mechanisms,” Pandey said.
Meanwhile, rural development and panchayat raj (RDPR) and IT-BT minister Priyank Kharge raised concerns about the management of state govt web portals, some of which are maintained by Union govt agencies like National Informatics Centre (NIC). “For instance, RDPR department sought transfer of the management of e-Swathu portal from NIC to the e-governance department, as the central govt agency has not been able to develop software to secure data of citizens. However, to date, no action has been taken,” Priyank said.
Another cabinet minister said: “There is a need for a separate minister and department for e-governance, which is currently under DPAR. But caution is required since there are chances of it backfiring if an inexperienced political team is at the helm.”