Srinagar, Aug 15: Most government departments’ official websites in Jammu and Kashmir are prone to hacking.
Open the website of any department and you would find “not secure”, written at the top left of its URL bar, suggesting that the site lacks Secure Sockets Layer (SSL).
Without SSL, anybody can hack the site and use or edit the information.
A Junior Engineer at Sitronic IT Services, a native software company, Owais Noor, said, “Secure websites contain a SSL certificate, which makes them secure. Their URL address has ‘https’ (Hypertext Transfer Protocol Secure).”
“The SSL is kind of an end-to-end encryption that converts the information into a code not readable to a common man. When the information reaches a receiver, it is again decrypted or converted into the message.”
Owais said the website of Jammu and Kashmir Bank Limited has installed SSL certificate as its data happens to be “most credential”.
“They cannot take risk of losing the data. All the banks have installed Deluxe Certificate, which means the data on their websites is triply secure,” he said.
Chairman Information and Communication Technology (ICTA), Jahangir Raina, said security of the websites might not be government’s priority.
“When the government departments do not maintain their websites properly, security can only be their secondary concern. However, its consequences can be quite grave, as any hacker can easily enter into the website and edit the details,” he said.
He said every government department should have a dedicated team of five people for maintenance of a website.
“However, they do not have such resources,” he said.
Only two days ago, the website of the Directorate of Health Services Kashmir was hacked by an unknown person, who wrote ‘American N N Vohra’ for the governor and ‘Pakistani’ for his Advisor K Vijay Kumar on the site, both in Urdu.
Commissioner Secretary to Government for Information Technology Department, Saugat Biswas, said, “Information Technology department is not responsible for maintaining the security of websites of every department. We are responsible for IT department only.”
Asked about the IT department, too, not having SSL certificate for its website, he replied, “No, our website is safe and secure and well-maintained.”