Mumbai: Customs Initiates Website Security Audit After Hacking Incident, Invites Bids For Assessment

Mumbai Customs Department is carrying out an audit of its website to assess the security risks facing an organization and the controls of counter-measures adopted by the organisation to mitigate those risks. Last year, one of the websites of Customs was hacked by an Indonesia based hacking group.

Online tender invited

According to the sources, the Commissioner of Customs, Export, Mumbai Customs Zone-l, New Customs House (NCH) has invited online tender in two bid system (technical and financial) through e-submission of competitive bids from the reputed and experienced company/firms/contractors/enterprises for carrying out Security Audit of official website of Mumbai Custom Zone - I (https://mumbaicustomszone1.gov.in).

The security audit

FPJ Shorts

Rupee Slips Below 90 Against Dollar Amid Weak Manufacturing Data, FII Outflows, And Strong Greenback Pressure

Gallery FPH: Jyoti Chordia's Exhibition 'Connecting Lives' To Be Inaugurated On January 3

Kerala Revises K-TET Rules For Teacher Recruitment And Promotions After Supreme Court Mandates

'Dev Patel Is Sitting Next To Me': Fan SPOTS Slumdog Millionaire Actor At Coffee Shop In Mumbai, Video Goes Viral

"A security Audit is a specified process designed to assess the security risks facing an organization and the controls of countermeasures adopted by the organization to mitigate those risks. As a part of any audit, the auditors will interview key personnel, conduct vulnerability assessments and penetration testing, catalog existing security policies and controls and examine IT assets," said a source.

He added, "IT security auditing would include a combination of vulnerability assessment, application security assessment, password cracking, log review, incident response and forensic auditing, integrity checks and virus detection. The auditor's responsibilities need to articulate, not just the audit tasks, but also the documentation of their activities, reporting their actions etc. and providing necessary guidance to the developer as and when requested during the audit phase."

Read Also

Mumbai Airport Customs officials Seize Smuggled Gold Worth ₹1.7 Crore In 8 Different Cases

"Security Audit Report from the security auditor should clearly state that these web-pages, including the backend database and scripts, if any, are free from any vulnerability and malicious code, which could be exploited to compromise and gain. Once the tender is provided to the auditing company, the Security audit work must be completed within 15 days from date of award of contract which includes issuance of Security Audit Certificate," said another official.