India’s government websites are under attack.

On April 06, India’s official ministry of defence (MoD) website—mod.gov.in—was reportedly hacked. Instead of the homepage, visitors to the site saw the following message: “The website encountered an unexpected error. Please try again later.”

Alongside the error warning, a Mandarin character—meaning either “Zen” or “home”—appeared at the top of the page, media reports said, fueling conjecture that Chinese hackers were responsible for the attack.

The MoD’s official Twitter account confirmed the attack within minutes, followed by Nirmala Sitharaman, the Raksha Mantri or minister of defence. ”Action is initiated after the hacking of MoD website ( http://mod.nic.in),” she wrote. “The website shall be restored shortly. Needless to say, every possible step required to prevent any such eventuality in the future will be taken.”

Quartz was unable to load the MoD page at the time of this writing. What’s more, sites for the ministry of home affairs (MHA) and the labour ministry seem to have gone offline late on April 6. An MHA spokesperson denied any hacking attempt, and said any disruption was caused by security updates made by the National Informatics Centre, which hosts the MHA site.

Screenshot Ministry of home affairs website at 11.30pm on April 06.

Screenshot Labour ministry website at 11.30pm on April 06.

Subpar security

Hacking attempts are not out of the ordinary for India, where the cybersecurity game is weak—something even the government admits. Between April 2017 and January 2018, more than 22,000 Indian websites were hacked, of which 114 were government portals, minister of state for electronics and IT K J Alphons said in a written reply to Lok Sabha (House of the People).

Kiren Rijiju, the minister of state for home affairs, said last year that more than 700 central and state governments had been breached between 2013 and 2017.

The MHA website has also been hacked before, in February 2017. A month earlier, the National Security Guard (NSG) website was compromised. In March 2016, terror outfit Al-Qaeda hacked a section of the Indian Railways website with a message asking Muslims to partake in “global jihad.”

Last month, a hacker group by the name of Lulzsec India claimed to have accessed a section of the Rajya Sabha website that only members of the Upper House and administrators of the website are supposed to have entry to, even logging into Bharatiya Janata Party (BJP) president Amit Shah’s profile. This goes to show how vulnerable state-run websites really are.