The Central Board of Secondary Education (CBSE) has announced that it has successfully contained vulnerabilities identified in the OnMark portal of its service provider. The board is now collaborating with cybersecurity experts to further reinforce the system against potential threats.
Gratitude Towards Ethical Hackers and Public
In a statement, CBSE expressed its appreciation for ethical hackers and members of the public who brought these issues to light. 'We are grateful to all alert citizens and ethical hackers pointing out such weaknesses, and have gotten in touch with some of them directly,' the board said.
Background of the Security Concerns
The statement comes in response to allegations made by 19-year-old ethical hacker Nisarga Adhikary, who claimed to have identified multiple security flaws in CBSE's digital evaluation ecosystem. In a blog post, Adhikary detailed vulnerabilities in the On-Screen Marking (OSM) portal that could potentially allow unauthorized access to examiner accounts and evaluation functions.
CBSE's Proactive Measures
CBSE stated that it has been closely monitoring the issues flagged in the public domain. 'We have been closely monitoring the vulnerabilities in the OnMark portal of our service provider that are being flagged in the public domain,' the board noted.
To address these concerns, a team of cybersecurity experts from various government agencies and Indian Institutes of Technology (IITs) has been deployed over the past few days. 'An expert team of cybersecurity professionals has been deployed over the last few days from across various arms of the government as well as the IITs to fortify these systems, including taking them over to a more secure setup,' the board added.
Clarification on Previous Claims
Earlier, CBSE had refuted claims that its actual evaluation platform was compromised. The board clarified that the URL highlighted in social media posts was merely a testing portal containing sample data, not the system used for live evaluation work.
CBSE's swift action underscores its commitment to maintaining the integrity and security of its digital evaluation processes.
