'No Unauthorised Websites, Private Email IDs': J&K Govt Issues Advisory Amid Cyber Attacks
Srinagar: A series of coordinated cyber attacks which knocked several official websites in Jammu and Kashmir offline in the aftermath of ‘Operation Sindoor’ has re-emphasised scrutiny of the union territory (UT) government’s digital interface.
Following India's targeted missile strikes in Pakistan and Pakistan-occupied Jammu and Kashmir on May 7, an unknown number of cyber attacks by hackers, reportedly based in more than half-dozen countries, had rendered several official websites defunct across the country, most of which have been restored.
According to a report quoting officials, the Maharashtra Cyber Cell recorded more than 10 lakh cyber attacks on Indian systems in the aftermath of the Pahalgam terror attack. These attacks are reported to have originated from Pakistan, the Middle East, Turkey, Malaysia, Morocco and Indonesia.
A source told The Wire that some of the affected websites are run by J&K’s various government departments which collect day-to-day revenue in the form of power bills, land registration charges, fees for building permits and more.
“Work has come to a halt after May 7,” the source said, referring to the date on which India retaliated against Pakistan to avenge the Pahalgam attack, and when the cyber attacks intensified.
Some of these websites were downed by DDoS (Distributed Denial of Service) attacks, where the hackers bring down a website by overwhelming it with traffic. While the officials in J&K administration are tightlipped about the inaccessibility of the affected websites, sources said that a “massive effort” was underway to restore them.
On Thursday (May 22), the power development department said that its website for the consumers in Kashmir valley, which had gone offline after the May 7 operation, has been restored while the apps were yet to start working.
“Only the web platform is currently functional. Apps will be working in a few days. Thanks for your patience,” Kashmir Power Distribution Corporation Limited said in a post on X, formerly Twitter.
According to reports, some of the affected websites are hosted on servers belonging to the National Informatics Centre (NIC), which is part of the Union ministry of electronics and information technology.
When The Wire attempted to access the Srinagar district administration webpage, where users must log in to obtain domicile certificates, the page was inaccessible.
“Many websites that run out of the NIC servers are also down,” said the source, adding that ordinary users and registered vendors in J&K are unable to get access to online government services such as registration for old age pension, procuring driving and measurement licenses and others.
“The systems of Srinagar Smart City (a government of India project) was also affected by cyber attacks,” the source added.
According to SOCRadar, a US based cyber security platform, there was a significant escalation of cyber confrontation after India struck suspected terrorist bases in Pakistan and armed skirmishes broke out between the two countries in the sky and on the ground along the Line of Control and international border in J&K.
"Hacktivist groups swiftly reacted to the fire exchanges with public announcements and targeted cyberattacks,” it said, citing the hacking of at least two government-run websites – one run by the army and another by the government of Rajasthan – and the purported breach by ‘threat actor’ DieNet who claimed to have stolen more than 247 GB of data from the NIC servers.
The Wire couldn’t independently verify the claim. An official in NIC J&K admitted that some websites were down. However, he refused to share details when asked whether the websites were down due to the cyber attacks on India post the carnage in Pahalgam in which 26 civilians, mostly civilians, were gunned down.
According to a report in the Times of India quoting sources, several hacker groups targeted websites of defence PSUs and their MSME vendors, ports, airports, power grids, airlines and railways, digital money transaction platforms, several state governments and some major Indian conglomerates.
Officials have linked some of these cyber attacks to Jasim Shahnawaz Ansari, a Gujarat resident who allegedly targeted some 50 government websites. He was arrested on the charges of cyber terrorism on Monday (May 19).
With several official websites inaccessible in J&K, the General Administration Department on Wednesday (May 21) directed all the government departments to shift their websites from private domains such as ‘.com’, ‘org’ and ‘.net’ to the government-approved ‘.gov.in' or ‘.jk.gov.in’ for a “secure, standardised and policy-compliant digital and IT environment”.
The administration has also banned officials from communicating digitally through private email providers such as Gmail, Yahoo and Rediffmail etc, while directions have been issued to officials to use only government-provided email platforms such as abc@jk.gov.in or abc@gov.in for official correspondences.
“Any emails received from non-NIC domains shall be treated as unofficial and may not be acted upon,” the circular said, adding that a comprehensive audit of J&K’s digital infrastructure was going to be conducted within a 15-day deadline for all the administrative departments to file compliance reports.
“All departments are advised to accord top priority to the implementation of these guidelines in the interest of secure and accountable e-governance,” it added.
The circular was issued after a meeting chaired by chief secretary Atal Dulloo, which called for “enforcing a secure, standardized, and policy-compliant digital and IT environment” in Jammu and Kashmir.
The Wire is now on WhatsApp. Follow our channel for sharp analysis and opinions on the latest developments.
