IT ministry looks to amp up email security for increasing cyber attacks

The Ministry of Electronics and Information Technology (MeitY) is looking to amp up the security of the government's email infrastructure in light of the increased number of cyber attacks.

The government has issued a request for proposal (RFP) in this regard through the National Informatics Centre (NIC) to select a system integrator who can maintain the existing email setup, deploy additional security framework support, and integrate additional infrastructure to the existing setup.

The NIC, a body under MeitY, meets all levels of government's information and communications technology (ICT) needs, designs and develops IT systems for the government, etc.

"The rapid adoption of emerging technologies has introduced new, and dynamic cyberattacks. Sophisticated and targeted attacks crafted for impacting the government email infrastructure are increasing exponentially," the NIC said.

"For addressing the issue of advanced threats and cyberattacks, the security of the existing email service will need to be enhanced to provide a secure communication channel by deploying state-of-the-art security software and features," NIC added in the RFP.

Moneycontrol has reached out to the NIC with additional queries in this regard, and the article will be updated when a response is received.

More security

As part of the proposed additional security, it will be necessary to acquire a threat intelligence software that supports the integration of third-party security to secure virtual machines from viruses, malware, etc.

In addition to highlighting threat indicators, the software should also be capable of malware analysis.

"Information should include, but not limited to, background of the threat actors and attack methods linked to specific indicators and threat artefacts," the RFP read.

It should also be able to provide threat intelligence reports that include information such as the cyber attacker's goals, variants of the threat, the outcome if the cyber attack is successful, and so on.

A host intrusion prevention system (HIPS), a solution that monitors security across physical and virtual servers, will also contribute to enhancing the security of the government's email infrastructure.

In addition, a security gateway that supports email security solutions that integrate inbound and outbound defences against email threats will be acquired, the RFP read.

"The solution should provide protection against zero-day and targeted attacks. It should be able to dynamically analyze message attachments for malware without sending files to the cloud," the RFP said.

"The email security appliance must be able to provide a safe-printed PDF version of a message attachment detected as malicious or suspicious," it added.

Security assessment

Apart from that, the system integrator must conduct an audit of the email architecture, which will include checks of the email solution, changes in design, OS versions, and so on.

The system integrator will also be required to conduct a software audit of the government email platform following any major feature changes, patch upgrades, and security fixes as directed by the NIC.

Increase in cyber attacks on govt

There has been an increase in the number of cyber attacks on the government, particularly on its email infrastructure.

Several employees of various central ministries received mysterious emails from the nic.in domain in December claiming an "internal hand" in the death of Gen. Bipin Rawat, according to a report in the Indian Express.

This was part of a phishing attempt against the Centre's officials through compromised domain email IDs, the report added.

In October of last year, when Prime Minister Narendra Modi visited the United States, a similar cyber attack was perpetrated using a compromised government email id.

Similarly, in June of last year, according to a Hindu report, hackers gained access to the emails and passwords of Union government officials due to data breaches at Air India, Domino's, and BigBasket.