A major security breach of the National Informatics Centre (NIC), which runs all the emails of senior officials and websites of all central government departments, allowed hackers to issue several fraudulent digital certificates, raising global concerns about India’s net security practices. The NIC has since sought to play down the incident. “Our site was attacked from outside India. The auditors have investigated and urgent steps have been taken to mitigate the vulnerabilities,” Director General NIC, Ajay Kumar said.
The NIC is one of the select few authorised entities allowed to issue digital certificates and signatures that lie at the core of safe internet transactions. Hackers managed to breach its security and access all the data on its root directory that hosts its most sensitive data. They issued several fake digital certificates that went undetected for several days.