The human resource development (HRD) ministry has warned all central educational institutions and regulatory bodies to beef up cyber security measures to prevent their websites from being misused by frauds to mislead students.
The move follows the hacking of the website of the National Assessment and Accreditation Council (NAAC), the country’s largest higher education rating agency, early last month, top government sources told The Telegraph.
The hacking set off alarm bells within the ministry because it represented the second major attempt in recent months by little-known and unrecognised education groups to use popular websites to mislead students.
The All India Council for Technical Education (AICTE), the apex technical education regulator, late last year became the victim of a “cyber raid” — partially successful for several days — by an unrecognised body, which also called itself the AICTE.
The original AICTE at the time had a website address, aicte.ernet.in, and the unrecognised body, which claimed to offer myriad courses in computer engineering across the country, started a website with the address aicte.ac.in.
The success of the fraud can be gauged from the fact that aicte.ac.in received significantly higher Google hits than the website of the genuine AICTE for the first few days. The genuine AICTE eventually created a new website, aicte-india.org.
“This is a matter of great concern because manipulating the Web is today a common way to mislead gullible people. Imagine students who may have been fooled by the fake AICTE into thinking a course was AICTE-approved,” a source said.
The NAAC website hacking has also led to fresh concerns over Indian institutions using foreign web-hosts. The rating agency’s website is hosted by Netty Gritty, a US-based firm, the sources said. The foreign origin of the web-host makes the process of fixing responsibility for cyber security complicated. The NAAC has now told the ministry it will switch to the Indian government’s official web-host, the National Informatics Centre.
HRD minister Kapil Sibal has in recent months repeatedly argued in favour of a “self-disclosure” regime under which institutions disclose all details about their funding, faculty and legitimacy on their own websites.
Sibal has said he wants to transform education regulation from a “licence-quota-permit raj” to a system where regulators restrict intervention to occasions when they receive complaints about incomplete, wrong or misleading disclosures.
For instance, if a university charges fees over and above the fee officially declared,it will be liable to action by regulators. But the success of any self-disclosure mechanism is dependent on secure cyber systems of the institutions.
By CHARU SUDAN KASTURI