Employees need to be aware of fake WhatsApp messages
Action taken to verify threat of spam, phishing
JAMMU, 10th July: In order to control the threat of spam and phishing, Union Territory Government of Jammu and Kashmir has issued instructions for immediate security audit of all official websites and sensitization of all employees to fake WhatsApp messages. Additionally, it was clarified that no digital service should be launched without a security audit through the constituted agencies.
In accordance with the Information Technology Act 2008, it is mandatory to have a security audit of all web applications and services in order to be hosted in the State Data Center (SDC). Since constant changes are made to the solutions deployed at the SDC, it is strongly recommended that after successful hosting of a website in the SDC, a periodic security audit, as often as required, be performed for the same .
The issue of security auditing of all official websites has been discussed in recent meetings of the Committee of Secretaries chaired by the Chief Secretary, Dr. Arun Kumar Mehta, and as a result, all departments have have been tasked with ensuring that this vital exercise is carried out in consultation with the Department of Information Technology, official sources told EXCELSIOR.
It is pertinent to mention here that a website security audit is a process that assesses the website/application for vulnerabilities and flaws. The audit scans websites and the server for existing or potential weaknesses that hackers can exploit. “The purpose of this exercise is to proactively find discrepancies in the website’s architecture and eliminate them before hackers, with malicious intent, can notice,” the sources said.
“The Department of Information Technology is in the process of engaging some of the agencies formed for this task and hopefully the security audit of all official websites will begin in the coming months,” they said. while revealing that the government had already made it clear that in the event of non-compliance with security audit guidelines, the hosting of services will be stopped at the State Data Center.
In addition, the Chief Secretary has directed all departments to have the cyber security audit of their digital services carried out through the incorporated agencies, which will be coordinated by the relevant Information Security Officer in consultation with the information technology department.
“The security audit of all 207 digital services currently available to the public has already been carried out and from now on, it should be ensured that no such service is hosted without the security audit, as any laxity in this regard may cause problems for the Government,” the sources added.
As the threat of spam and phishing began to worry the government, instructions were given to the Department of Information Technology to educate all government employees about fake WhatsApp messages, in addition to exploring the use of fake WhatsApp messages. other official apps and emails for official communications.
“The Department of Information Technology is already using the M-Seva application to educate government employees by sending them text messages,” the sources said, adding that “spam is email that is not solicited, instant messages or social media messages.These messages are fairly easy to spot and can be harmful if opened or replied to while phishing is an email sent by a cybercriminal disguised as an email from from a legitimate and trustworthy source.
It should be mentioned here that beyond the annoyance and time wasted sifting through unwanted messages, spam can cause significant damage by infecting users’ computers with malware capable of damaging systems and steal personal information.
The goal of phishing attacks is to steal sensitive data such as credit card and login information, or to install malware on the victim’s machine. Over the past few years, spam and phishing incidents have been on the rise in the Union Territory of Jammu and Kashmir.