Mumbai: Customs Initiates Website Security Audit After Hacking Incident, Invites Bids For Assessment

Mumbai Customs Department is carrying out an audit of its website to assess the security risks facing an organization and the controls of counter-measures adopted by the organisation to mitigate those risks. Last year, one of the websites of Customs was hacked by an Indonesia based hacking group.

Online tender invited

According to the sources, the Commissioner of Customs, Export, Mumbai Customs Zone-l, New Customs House (NCH) has invited online tender in two bid system (technical and financial) through e-submission of competitive bids from the reputed and experienced company/firms/contractors/enterprises for carrying out Security Audit of official website of Mumbai Custom Zone - I (https://mumbaicustomszone1.gov.in).

The security audit

FPJ Shorts

SSC CPO Final Result 2025 Out: Over 22,000 Candidates Shortlisted For DME; 4,841 Men And 455 Women Selected For Delhi Police, CAPFs

Srinagar's Lal Chowk Illuminates On Diwali As Thousands Of Diyas Lit In Operation Sindoor Formations; Videos

Thane: TMC Lacks Fund To Re-Install Statue Of Rajmata Jijau In Newly Inaugurated 'Oxygen Park'; BJP Stages Protest

Logistics Service Provider Shadowfax Technologies, Rayzon Solar, ARCIL, & Four Other Companies Receive SEBI Nod

"A security Audit is a specified process designed to assess the security risks facing an organization and the controls of countermeasures adopted by the organization to mitigate those risks. As a part of any audit, the auditors will interview key personnel, conduct vulnerability assessments and penetration testing, catalog existing security policies and controls and examine IT assets," said a source.

He added, "IT security auditing would include a combination of vulnerability assessment, application security assessment, password cracking, log review, incident response and forensic auditing, integrity checks and virus detection. The auditor's responsibilities need to articulate, not just the audit tasks, but also the documentation of their activities, reporting their actions etc. and providing necessary guidance to the developer as and when requested during the audit phase."

Read Also

Mumbai Airport Customs officials Seize Smuggled Gold Worth ₹1.7 Crore In 8 Different Cases

"Security Audit Report from the security auditor should clearly state that these web-pages, including the backend database and scripts, if any, are free from any vulnerability and malicious code, which could be exploited to compromise and gain. Once the tender is provided to the auditing company, the Security audit work must be completed within 15 days from date of award of contract which includes issuance of Security Audit Certificate," said another official.