Mumbai: Customs Initiates Website Security Audit After Hacking Incident, Invites Bids For Assessment

Mumbai: Customs Initiates Website Security Audit After Hacking Incident, Invites Bids For Assessment

Last year, one of the websites of Customs was hacked by an Indonesia based hacking group.

Somendra SharmaUpdated: Wednesday, March 20, 2024, 05:42 PM IST
article-image

Mumbai Customs Department is carrying out an audit of its website to assess the security risks facing an organization and the controls of counter-measures adopted by the organisation to mitigate those risks. Last year, one of the websites of Customs was hacked by an Indonesia based hacking group.

Online tender invited

According to the sources, the Commissioner of Customs, Export, Mumbai Customs Zone-l, New Customs House (NCH) has invited online tender in two bid system (technical and financial) through e-submission of competitive bids from the reputed and experienced company/firms/contractors/enterprises for carrying out Security Audit of official website of Mumbai Custom Zone - I (https://mumbaicustomszone1.gov.in).

The security audit

"A security Audit is a specified process designed to assess the security risks facing an organization and the controls of countermeasures adopted by the organization to mitigate those risks. As a part of any audit, the auditors will interview key personnel, conduct vulnerability assessments and penetration testing, catalog existing security policies and controls and examine IT assets," said a source.

He added, "IT security auditing would include a combination of vulnerability assessment, application security assessment, password cracking, log review, incident response and forensic auditing, integrity checks and virus detection. The auditor's responsibilities need to articulate, not just the audit tasks, but also the documentation of their activities, reporting their actions etc. and providing necessary guidance to the developer as and when requested during the audit phase."

"Security Audit Report from the security auditor should clearly state that these web-pages, including the backend database and scripts, if any, are free from any vulnerability and malicious code, which could be exploited to compromise and gain. Once the tender is provided to the auditing company, the Security audit work must be completed within 15 days from date of award of contract which includes issuance of Security Audit Certificate," said another official.

RECENT STORIES

MahaRERA Suspends Registration Of 20,000 Real Estate Agents For Flouting Guidelines

MahaRERA Suspends Registration Of 20,000 Real Estate Agents For Flouting Guidelines

Dombivli Fire Update: At Least 4 Dead After Massive Blaze At MIDC Chemical Factory; Visuals Surface

Dombivli Fire Update: At Least 4 Dead After Massive Blaze At MIDC Chemical Factory; Visuals Surface

Mumbai Weather Update: Humid Conditions to Prevail, Light Rainfall Likely In Evening, Predicts IMD

Mumbai Weather Update: Humid Conditions to Prevail, Light Rainfall Likely In Evening, Predicts IMD

Ghatkopar Hoarding Collapse: Bhavesh Bhinde Might Have Had 'Monopoly' With GRP; Crime Branch Forms...

Ghatkopar Hoarding Collapse: Bhavesh Bhinde Might Have Had 'Monopoly' With GRP; Crime Branch Forms...

Cannes 2024: Sonam Chhabra Walks Down Red Carpet 5 Months After Donating Liver To Mother

Cannes 2024: Sonam Chhabra Walks Down Red Carpet 5 Months After Donating Liver To Mother