Corroborating the claim, founder Cyber Peace Foundation (CPF) and National Anti-hacking group Vineet Kumar said most of the government websites are highly insecure but unless the government approaches officially for conducting security audit, it was beyond their scope to hold any survey. “We do offer complimentary discovery assessment and conduct surveys for different sites for our internal research and development of security system,” he said.
The matter is known to government and a project code named JC3 (Jharkhand Cyber Coordination Centre) is under consideration of state government but if director information technology, government of Jharkhand UP Shah is to be believed all the websites managed by state government are secure. “Some of the old websites or websites of government departments that were outsourced to private companies could be vulnerable and prone to hacking but we have a secure system in place,” he said. Asked if it was safe enough to seed aadhar number with government departments that do not have secure websites, Shah said that the department like food, public distribution and consumer affairs is only collecting Aadhar number and not the biometric details. “Process of aadhar authentication is online and done through the UIDAI website hence there is hardly any chance of biometric details being stolen,” he said.
Cyber experts however believe that the situation is completely different on ground. Biometric details and data for Aadhar are being collected at private centres, many of which are cyber cafes with minimal security measures in place. Vineet said that as per survey conducted by National Antihacking Group (NAG) in 2013 majority of the cyber cafes and public internet booths were found to be infected with malware. “These aadhar data collection centres can not only copy biometric details on pendrive and sell it to cyber criminals but are soft target for the criminals as well because most of them use pirated software and the system is not protected by security applications, with firewall, Antivirus and internet security software” he said.
Sharing experience of wi-fi war drive experiment conducted in 2013-14 Vineet said that most of the wifi services including those of government and major institutions are open and accessible to general user, prone to cyber attacks and invitation to ransomeware.http://timesofindia.indiatimes.com/city/ranchi/Cyber-experts-sound-alert-about-vulnerability-of-govt-sites-Aadhar-data-at-risk/articleshow/54449774.cms