Tag: panel | Page 2

Sensitive citizen data illegally transmitted by TDP Govt, says Andhra Assembly panel

September 21, 2022/in Computer Security

The panel constituted in March 2022 to investigate whether Pegasus spyware was used by the Chandrababu Naidu government has submitted an interim report in the Andhra Pradesh legislative Assembly.

A House Committee that was formed by the Andhra Pradesh Legislative Assembly has concluded that a large volume of data from the state’s servers were transmitted to unknown external sources during the Chandrababu Naidu government’s regime.

The Committee, headed by Tirupati MLA Bhumana Karunakar Reddy, in its report said “there was unauthorised and improper transmission of large amounts of sensitive data from the State Data Centre (SDC) to unknown external servers from November 30, 2018 to March 31, 2019.”

Presenting the report in the Legislative Assembly on Tuesday, Karunakar Reddy said the committee found that a large volume of data had been transferred from 18 State Data Centre (SDC) servers to several unknown external IP addresses and that the reason for this data transfer was unknown.

“The data was sent to TDP leaders who used it to make unlawful gains during the elections held in 2019. The TDP leaders have misused the data. There was large-scale deletion of voters’ names before the election,” Karunakar Reddy told the Assembly. The statement evoked angry reactions from the TDP members who demanded a copy of the complete report. The house committee only tabled two copies of the report in the Assembly.

The State Data Centre (SDC) is where the state government’s servers and network devices are stored. As part of the Praja Sadhikara Survey (smart pulse survey) organised in 2016, the previous government had collected individual details from all citizens. The Naidu government had said that the data was to ensure that government schemes would reach the beneficiaries. Details collected included aadhar card, ration card, voter ID, property tax, electricity bill, driving licence, vehicle registration details, gas connection details, bank account details, water bill details, caste certificate, income certificate, birth certificate etc. It is this data that was stored in SDC and later transferred to external servers, concluded the committee.

“The…

Source…

House panel calls for manpower push to boost cybersecurity | Latest News India

March 20, 2022/in Computer Security

The Parliamentary panel on information technology has adopted a report, suggesting an urgent need to boost manpower at the National Informatics Centre (NIC), people familiar with the matter said.

The centre deals with all government websites for secure exchanges, and additional funding for the Computer Emergency Response Team (Cert-In) to ensure a cyber-safe environment.

In its report adopted last week, the committee, headed by Congress MP Shashi Tharoor, noted that NIC provides information and communications technology support to the government at all levels – central ministries/departments, 37 States/Union territories and 720+ districts.

“NICNET, the nationwide network, comprises over 1,000 LANs of government offices and more than five lakh nodes across over 8,000 locations. The data centres of NIC host more than 8,000 websites of the government in a secure environment. The ministry of electronics and information technology (MeitY) has informed the committee that NIC’s main focus is in providing the latest state-of-the-art ICT infrastructure. NIC under MeitY provides e-Governance support, state of the art solutions to the central government,” one of the persons cited above said on condition of anonymity.

NIC plays a pivotal role in the development and implementation of digital platforms and applications to ensure delivery of government services to the citizens, the person said.

The House panel, in its report, noted that budget constraints have caused the ministry to upgrade its infrastructure in a phased manner, the person added.

The House panel, however, also found that the organisation is facing challenges in terms of manpower and basic infrastructure. “The committee is disheartened to learn that despite their recommendation (in their last report in 2021) to undertake a comprehensive review of the manpower requirement and infrastructure needs of NIC, the ministry has done little to address the above issues. The committee once again recommends the ministry to look into the issue of manpower shortage in NIC. With regard to infrastructure,” the person said.

The report is yet to be tabled in Parliament.

Since 2015, there has been a steep rise in cybersecurity incidents,…

Source…

Proof of Pegasus use on phones, Cyber experts tell SC panel

January 30, 2022/in Computer Security

At least two cyber-security researchers, who have deposed before the Supreme Court-appointed committee that’s probing the use of Pegasus for allegedly spying on citizens, have told the panel that they found concrete evidence of use of the malware on the devices of the petitioners.

These cyber-security researchers were engaged by some of the petitioners to depose before the top court panel and provide details of the forensic analysis done by them.

One of the two researchers anyalsed iPhones of seven people, of which two were found to be infected with Pegasus, this researcher told The Indian Express. The researcher submitted an affidavit to the Supreme Court and subsequently deposed before the panel to say that the evidence on the two phones were uncovered using a forensic tool.

After deleting personally identifiable data from the devices of the two persons, the cybersecurity researcher found that while Pegasus had infected the phone of one of the petitioners in April 2018, the other phone had “multiple entries” for various stages of malware deployment between June and July 2021.

“Multiple entries going back to March 2021 indicating that the Pegasus malware tried to delete entries from the process table databases,” the first cybersecurity researcher said in the affidavit to the Supreme Court.

The other cybersecurity researcher, who analysed Android phones of six of the petitioners in the case, found distinct versions of the malware on four phones, while two of the remaining devices had variants of the original versions of Pegasus present on them, this researcher told The Indian Express.

“We have an emulator for Android on which we verified that it has all the variants of the malware. What we found is that this (malware) is so virulent that it could not have been used for legitimate purposes. It not only reads your chats, it can get your videos, turn the audio or video at any time,” the cybersecurity researcher said.

The Supreme Court had on October 27 last year appointed a three-member panel, under the supervision of retired Supreme Court judge Justice R V Raveendran, to look into the allegations of unauthorised surveillance using the Pegasus spyware. The…

Source…

US House panel examines Arizona election review effects

October 7, 2021/in Computer Security

They called former Arizona Secretary of State Ken Bennett, who served as a go-between Senate Republicans and the contractors they hired to review the ballot count, election machines and computer software, to testify. Bennett said that while the recount showed that Biden actually picked up some votes, there remain unresolved issues involving voter registration, mail-in ballots and computer security.

Source…

Tag Archive for: panel