CBSE OSM Row: Portal attack was a coordinated, two-pronged operation says cybersecurity expert
“A flood of 1.5 million requests in two minutes alongside a lakh file access attempts isn’t a glitch or a bored hacker. It’s a coordinated, two-pronged operation. The DoS is the smokescreen. The file access probing is what they actually came for,” said Srinivas L, Joint Managing Director and Joint CEO of 63SATS Cybertech, the cybersecurity subsidiary of 63 moons technologies limited.CBSE had on Tuesday said that “malicious actors attempted to disrupt services through a barrage of cyberattacks”, including a DoS attack that generated 1.5 million hits on the portal within two minutes and more than one lakh attempts at unauthorised file access. According to Srinivas, such a volume of traffic suggested a deliberate effort to distract administrators while probing the system for potentially sensitive data. Read | What CBSE ignored: Its own panel found glitches in dry run, said delay OSM by a year “You don’t throw that kind of volume at a portal unless you’re trying to pull something out while everyone’s busy fighting fire. But the CBSE held fort and still got thousands of students through. Credit where it’s due,” he said. Even as the portal came under attack, CBSE said it continued to function and process student applications. The Board said the platform was supporting nearly 14,000 concurrent users and had recorded more than 28,000 successful submissions as of 10 pm on Tuesday.Story continues below this ad In a social media update, CBSE said it had also implemented further improvements based on student feedback, including extending session time limits to improve user experience. “Our teams remain on constant watch to ensure a secure, reliable, and student-friendly platform,” the Board said. However, Srinivas cautioned that successfully defending a single attack should not be viewed as a long-term cybersecurity strategy. “Holding the fort once isn’t a strategy but rather just plain luck wearing a uniform. You can’t keep defending these systems reactively, cycle after cycle, and expect to win every time. What India’s exam infrastructure actually needs is to be built for the attack, not patched after it,” he said. He added that institutions handling student data must adopt a continuous approach to cybersecurity.Story continues below this ad “When you’re holding the data of children, cyber resilience isn’t a feature you switch on at result time. It’s the foundation the whole thing sits on and runs continuously,” Srinivas said. The developments come amid scrutiny of CBSE’s post-result processes this year, including controversy surrounding the implementation of the On-Screen Marking (OSM) system and complaints from students regarding verification and re-evaluation procedures. Meanwhile, on June 2, the Centre removed CBSE Chairman Rahul Singh and Board Secretary Himanshu Gupta from their posts and ordered an inquiry into the OSM controversy.
Discussion (0)