railways-stung-by-breaches-in-it-applications-during-pandemic

Context: The Ministry of Railways has asked the Centre for Development of Advanced Computing (C-DAC) to educate its officials on Internet ethics, cyber hygiene and best practices in the use of IT equipment, including mobile phones. 

  • This is as part of its National Cyber Security Strategy.

Background:

  • The Railway Board said a number of incidents had come to notice regarding breaches in various IT applications.
  • A majority of them were applications related. 
  • Incidents occurred due to “improper handling of the IT assets by the personnel”.
  • Lack of awareness: There are a number of officials who are unaware of the Internet ethics and cyber hygiene.

Cybersecurity in Railways

  • The IT Wing of the Computerisation & Information System Directorate sends out periodical alerts on cyber security vulnerabilities and threats to the staff directly handling IT-based systems. 
  • One of the major IT functions is the Passenger Reservation System (PRS).
  • In January 2019 alone, 6.61 crore passengers booked from 10,394 PRS terminals in 3,440 locations and the IRCTC website resulting in a revenue of ₹3,962.27 crore. 
  • The PRS involves passengers disclosing their identities along with proof of address, mobile phone number and netbanking/card payment details.
  • The railways also uses its IT infrastructure for Unreserved Ticketing System.
  • E-payment is provided as part of the Freight Operations Information System (FOIS).

Way forward

  • The pandemic had introduced a greater reliance on electronic modes of communication in official working. 
  • Hence, it was necessary that all officials followed adequate procedures when using IT infrastructure for ensuring confidentiality, privacy etc in dealing with official information.
  • They should follow Internet ethics, cyber hygiene.
  • They must employ best practices on the use of IT equipment like desktops, laptops, mobile devices etc. 

Centre for Development of Advanced Computing (C-DAC):

  • It is an Indian autonomous scientific society, operating under the Ministry of Electronics and Information Technology.
  • It was created in 1987, originally as the Centre for Development of Advanced Computing Technology (C-DACT). 
  • This was in response to issues purchasing supercomputers from foreign sources. 
  • After being denied a supercomputer by the United States in 1987, due to military use concerns, India started a programme to develop an indigenous supercomputer and C-DAC was created as part of this programme. 
  • Supercomputers were considered a double-edged weapon capable of assisting in the development of nuclear weapons.

Source:

https://www.thehindu.com/news/national/railways-stung-by-breaches-in-it-applications-during-pandemic/article33905556.ece