Security News > 2022 > June > Indian government issues confidential infosec guidance to staff – who leak it
India's government last week issued confidential information security guidelines to the 30 million plus workers it employs - and as if to prove a point, the document quickly leaked on a government website.
The document, and the measures it contains, suggest infosec could be somewhat loose across India's government sector.
"In order to sensitize government employees and contractual/outsourced resources and build awareness amongst them on what to do and what not to do from a cyber security perspective, these guidelines have been compiled."
Despite being marked "Restricted" and for access only within Indian government departments and ministries - and including an exhortation that those sent the document "Should honor this access right by preventing intentional or accidental access outside the access scope" - The Register was able to find it on an Indian government website with minimal effort.
Uploading internal/restricted/confidential government data or files to any non-government cloud service;.
One such actor - Malaysia's DragonForce - last week launched attacks on Indian government targets and over the weekend claimed to have deleted the website of the Port Of Chennai.