In a surprise development, the Department of Women and Child Development website and a few others, fell victim to a cyber attack that replaced vital information with casino gambling advertisements. This incident has once again exposed the vulnerabilities of the State’s digital infrastructure and triggered concerns about the security lapses that threaten the integrity of public services and the safety of citizens’ data.
On Wednesday, visitors to the Goa government’s Department of Women and Child Development website encountered inappropriate and potentially harmful casino advertisements embedded under the link meant for “schemes” to support women and children. Screenshots reveal ads promoting online gambling sites that accept Mastercard and free slot machine games. While these might seem like mere nuisances, their implications are far-reaching. Such ads can mislead vulnerable users into risky online activities, potentially exposing them to fraud, addiction, or financial loss.
What makes this incident more concerning is that these advertisements appeared on a government platform explicitly dedicated to the welfare of citizens. Embedding gambling ads under “schemes” only shows that security protocols meant to safeguard sensitive spaces have failed which means malicious spammers can easily exploit weak digital defences, turning government websites into conduits for illegal online activities. The more worrisome part is that such breaches run the immediate risk of exposing citizens’ personal and sensitive data.
Alas! We have not learnt lessons from past breaches. A report in this newspaper last year revealed that over 70 per cent of government websites, including those of educational institutions like Goa University, are “not secure.” According to the Department of Information Technology, out of 62 government websites, 45 had not renewed their Security Audit, and 17 are still in the renewal process. Most of these sites lack SSL certification -- a basic security measure that encrypts data and prevents unauthorized access.
Last year alone, scammers infiltrated critical platforms such as the Goa Teacher’s Eligibility Test (GTET) website, the Goa Government Recruitment portal, and the SC/ST laptop scheme site. These breaches involved planting online betting advertisements and redirecting links to illicit gambling platforms, including IPL betting sites. Moreover, the scammers’ activities extended to publishing advertisements for hacking services on US government websites, an indication of the global reach of cyber threats. These incidents highlight that despite the increasing reliance on digital platforms for governance, security remains grossly inadequate.
Goa’s government must realise that cyber threats are evolving rapidly, and a reactive approach is not going to contain that surge. The current lax attitude will only embolden cyber criminals. Lodging FIRs and strengthening security are steps in the right direction, however, the government must look into the renewal of security audits, implementation of SSL certificates, and deployment of advanced cybersecurity measures. Cybersecurity as an integral part of digital governance must be prioritised, rather than being an afterthought.
In a time when Goa envisions becoming a digital hub, complacency cannot be an option. The repeated breaches and the infiltration of harmful advertisements point to an urgent need for foolproof security infrastructure. This cyber attack should serve as a wake-up call and a reminder that in the digital age, security is the foundation upon which effective governance must be built. It is high time Goa’s authorities act decisively to secure their online portals before more damage is inflicted and people’s confidence is lost.