No blogging, social networking for Indian diplomats
By Devirupa Mitra, Gaea News NetworkSaturday, February 7, 2009
NEW DELHI - Indian diplomats now cannot open a Facebook account, use external e-mail services, or write blogs, thanks to new rules and much stricter firewalls aimed at preventing cyber attacks and leakage of classified information.
Over the past eight months, the Ministry of External Affairs has been overhauling its computer network security, putting up layers of barriers against intrusions into the network, officials associated with cyber security said.
There are almost 600 computers at its headquarters at South Block, about half of which are connected to the Internet. Classified work is typically done on stand-alone computers, usually with the external drives removed.
‘We have set up a unified threat management system for the ministry. This simultaneously uses eight levels of protection like firewalls and spam mail filtering,’ said a senior official.
‘We are also requesting and encouraging more responsible behaviour from our staff when working online,’ the official told IANS, requesting anonymity.
A circular issued last week asked officials not to log on to social networking sites, specifically citing Facebook, Orkut and Ibibo as examples. The other prohibited practices include download of peer-to-peer music using sites like Kazaa and sharing of photos through Flickr and Picasa.
The circular also discourages using services like G-mail, Yahoo! or Hotmail for official communication. A similar circular, officials said, had been issued in the Prime Minister’s Office in December.
But the matter is even more critical for the foreign office as officials posted in Indian missions abroad or on foreign tours tend to use web-based mail rather than the ministry’s own mail system.
‘We have had cases of senior officers using G-mail or other similar accounts abroad for official work, only to find some form of tampering when they return,’ the official said, adding people have been told to change their web-mail passwords if they had opened the account during foreign tours.
The missions have been told to use their official mail ID issued by the National Informatics Centre for communication. But several missions have complained that the mail home page was inaccessible due to port blocks by local Internet service providers.
They have been asked to contact their service providers to unblock the site.
‘We want to secure communications with Indian missions through private networks. This may be implemented in the next few months,’ said an official working with the technical team in the ministry.
Apart from their offices within the country, cyber security officials are also fortifying Indian embassies abroad with the first such team visiting the Indian embassy in Beijing late last year.
In 2008, nearly 100 Internet addresses were blocked, several of them at Chengdu in China, after these were found to be the source of a swarm of attacks on the network.
‘An attack could be just a simple mail, which activates a programme to leak data from that computer to another address on the net,’ the ministry official said, adding new intrusions were more geographically dispersed.
‘We had some intrusions which were traced to Houston, but we know that Chinese hackers were behind it,’ the official said. ‘It’s a daily defensive war that we are engaged in.’
Not all online behaviour guidelines are the result of potential security threats - some are merely to caution officials. Like late last year, some officials got a circular advising them to stop writing blogs.
The order came after a Saudi Arabia-based official’s personal website created a controversy for carrying an advertisement on writer Salman Rushdie, which was posted automatically as the site was hosted on a free server.
‘Now we have mailing communities to keep in touch with each other - no blogs.’