This may be shocking, but it’s true. A good 70 per cent of Goa government websites lack security protocols and are prone to cyber attacks, including those of educational institutes and police departments. Data reveals that of the 62 government websites, 45 have not renewed their security protocols while 17 are still in the process. In the absence of Secure Sockets Layer (SSL) certificates, there is a chance that users' privacy will be compromised.
Currently, users of these websites are warned with an on-screen message about potential data breaches and the risk of personal information. IT experts suggest that users should avoid accessing these sites till the security protocols are restored even as State authorities and the IT department remained mum on the issue after this newspaper carried a report on the same.
This lack of adequate security protocols can give hackers unauthorized access to confidential information, including personal data, financial records, and classified documents. There could be dire consequences to this leading to cyber fraud, financial fraud, identity theft and impersonation. The reason why this subject is so crucial is that these websites are not only platforms for providing information but also play a pivotal role in the delivery of essential services, besides acting as payment gateways since financial transactions are carried out through these portals.
This data on websites comes as a shocker against the backdrop of the State government’s consistent pitch of taking the digital highway for progress. Lest we forget, IT Minister Rohan Khaunte has been showing urgency in the field of information technology, innovation and start-ups. From planning to positioning Goa as the creative capital of the country, innovative concepts have been introduced like “workcation destination” and GOA (Global Opportunities Aggregator which aims to transform the State into a mobile IT hub with a focus on technology and innovation.
However, when so much is being spoken about IT, the State cannot by any measure be failing in cybersecurity in its own backyard. It cuts out a sorry picture when the majority of the government websites are not secured and it is even worse that there is no urgency shown to plug this vulnerability. The issue at hand is not just an IT concern, but a crucial aspect of governance. It’s about trust and accountability.
When citizens log on to these government websites, they entrust their personal data with government agencies against which they expect a certain level of protection and confidentiality. The lax attitude is baffling, especially when we have a horrific past. The Electricity Department site was recently hacked and so was the Raj Bhavan website in 2014. In 2013 around 15 government websites were hacked sending officials in a tizzy. There have been several breaches in between.
It’s high time the government looks within and introspects on the safety of its websites and the privacy of users. The department must act on these shortcomings within the shortest possible time so that public confidence in the government's promise of delivery through the digital route is not lost.
