Director of the Telangana State Cyber Security Bureau (TSCSB), Shikha Goel, at the Integrated Command Control Centre (ICCC), Hyderabad. | Photo Credit: File photo

Telangana police begin cyber hygiene audit

by · The Hindu

Following a security audit of all the Telangana police applications and websites, the Telangana Cyber Security Bureau (TGCSB) has initiated a ‘cyber hygiene audit’ across all police units in the State.

This comes about six months after a data breach in Telangana Police’s Hawk Eye, with subsequent leaks concerning TSCOP app and Telangana Police SMS service portal.

The first such audit was carried out in the Cyberabad Commissionerate of Telangana at the end of October. The audit lasted 10 days across the police stations in Cyberabad wherein a team from the TGSCB evaluated the systems, network and infrastructure which the police operate to identify loopholes or security gaps and share technical, non-technical recommendations.

The teams ran a mock security testing by hacking into the systems to evaluate how secure they are as part of the audit procedure. TGCSB Director Shikha Goel said that a report based on the observation will be shared with the commissioner, along with recommendations and suggestions to manage cyber security.

Hyderabad Police Commissionerate is next in line for the audit, the official informed.

The department first issued cyber hygiene guidelines to all police units in April 2024. The data from all the police units, including 33 districts, was consolidated at the Hyderabad headquarters of the bureau and dedicated teams were formed to carry out checks.

Use of strong authentication and access methods, encryption of data, documentation of cyber hygiene policies, security measures - including anti-malware and firewalls, network vulnerability scanning and security awareness training are among the prominent focus areas in the audit.

The department is also working on training the IT teams in the districts to take up the initial steps in the cyber hygiene audit in their respective units.

The overall security audit of Telangana police portals is also nearing completion. In the past about six months, over 45 Telangana police applications and websites have been audited for network security, web-application security, wireless security, compliance audits, mobile app security testing, ERP, payment gateway and source code.

Initiated this year after the attack on police websites, these two audits will be taken up every year in the Telangana police department.

Jatin Kumar, a 20-year-old student from Delhi, was arrested on June 10 for hacking the applications of the State police department and offering the compromised data for sale at $150 on Telegram IDs.

Published - November 06, 2024 09:02 pm IST