Action is initiated after the hacking of MoD website ( https://t.co/7aEc779N2b ). The website shall be restored sho… https://t.co/MtKTKnxZKu — Nirmala Sitharaman (@nsitharaman) 1523015217000

Agencies

Agencies

NEW DELHI | BENGALURU: The websites of at least 10 ministries including those of defence, home affairs, labour and law went down for around six hours on Friday, which the government blamed on a storage system crash at the data centre where the sites are hosted.The government ruled out any cyberattack, though defence minister Nirmala Sitharaman initially said her ministry’s website was hacked into.Sitharaman had tweeted: “Action is initiated after the hacking of MoD website. The website shall be restored shortly. Needless to say, every possible step required to prevent any such eventuality in the future will be taken.”The sites stopped functioning at about 2.30 pm, with content management system Drupal’s default notification page showing a ‘Zen’ template with Japanese characters, triggering speculation that Chinese hackers were behind the crash. All the sites also displayed the same message that read: “The website encountered an unexpected error.”The sites were back running around 8.30 pm.“It is not a hack . There is no cyberattack (on the sites). There was a hardware failure in the storage systems that had hosted the ten ministries’ websites,” Gulshan Rai, chief of cyber security in the Prime Minister’s Office, told ET. He said the data would be shifted to new systems to make the sites function again.A spokesperson for the Ministry of Home Affairs also said “there is no hacking of the ministry website”. The National Informatics Centre (NIC) is in the process of upgrading the system, he said.The data centre is managed by the NIC, which also said there was no hacking of the sites. The centre uses the Drupal open source content management platform as its front end while hosting the sites on its data centres located across the country.In fact, a March 28 security alert on the Drupal groups, the platform’s official developer forum, had flagged a “highly critical risk” on the earlier versions of the CMS platform.It said this vulnerability “potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised”.It was not clear on which versions of Drupal the government sites were hosted.Meanwhile, a cyber expert, speaking on the condition of anonymity, countered the government’s statement, saying the sites would not be down for maintenance during official hours unless there were cyberattacks.“After the attack, the government appears to have shut down the servers of the websites, which indicates covering up the cyberattacks,” this person claimed.This is not the first time that government websites have crashed due to glitches. The I-T sites have gone down in the past due to surge in traffic ahead of the return filing deadline. In 2013, several sites went down for a few hours due to electricity tripping at the data centres.