NEW DELHI: The midnight launch of the universal tax regime on July 1 is on course. The government has even planned for a dress rehearsal on Wednesday. But is the country’s information technology system secure enough to support the mega reform? Experts aren’t convinced of the system’s capabilities to withstand cyber attacks.
“Since the GST Network began work on November 8 last year, experts working with it have told us in confidence that they are fighting cyber attacks each day,” says Pawan Duggal senior legal counsel with Cyber Law. “This is only going to increase from July 1 as cyber terrorists will try to test the resilience of the network.”
GST Network CEO Prakash Kumar told Express the system has undertaken the best of security measures at every level.
“The system will continue to be under constant vigil to avoid any form of attack,” he said — a tacit acknowledgement that systems aren’t impregnable.
In the recent past, both in India and globally, hackers have demonstrated their ability to incapacitate critical national infrastructure. The crippling effect such an event could have on the system and country is also evident. Duggal claims the GST Network could also be liable for violation of the IT Act in case of a data breach.
“It is not clear how GST complies with IT Law, since it is a computer network and an intermediary, and since they are not dealing with normal data but sensitive personal data, the liability issue will come up in case of a breach.”
But the Network’s CEO is confident of his system’s resilience. The management, he says, was well-guided a by security advisory group led by Gulshan Rai, National Cyber Security Coordinator at the Prime Minister’s Office.
However, unknown challenges do remain, says Prakash Kumar. One such challenge would be a sudden rush of taxpayers using the system at a time. It will truly test the network’s capabilities despite the mock tests.
“A single site could have performance-related issues; like crashing on a day when too many subscribers want to file tax, like in the past it has been seen that on the day of exam results, when too many students try to access it, the site is not able to respond…. The solution is in allowing access through different sites,” says Sahil Baghla, an ethical hacker.
He points out that big sites like Facebook have alternate links and suggests that GSTN should do the same.
Kumar claims that the GSTN data centres in Delhi and Bengaluru, with top IT security management accreditation, have taken the best measures to ensure the rollout happens without any glitches.