CBSE thwarts major cyberattack on revaluation portal; 3.8 million attack packets detected on June 3
By Vishu Adhana, New Delhi, June 5
The Central Board of Secondary Education's re-evaluation portal was targeted by a large-scale cyberattack involving nearly 3.8 million malicious packets on June 3 in an apparent attempt to disrupt the ongoing verification and re-evaluation process, CBSE officials told.
According to officials, the portal also detected and blocked over 100,000 unauthorised access attempts within minutes of becoming operational on June 2, while security systems successfully mitigated coordinated high-volume traffic bursts resembling Distributed Denial-of-Service (DDoS) attacks.
"The traffic profile showed coordinated request surges consistent with DDoS-type attack patterns. However, the security architecture deployed on the platform successfully mitigated the threat and ensured continuity of services," a CBSE official told ANI.
As of June 4, the Board had received 70,433 applications through the post-result grievance redressal mechanism, including 7,314 applications for verification of marks and 63,119 applications for re-evaluation, according to officials.
Officials said the re-evaluation portal, which was originally scheduled to go live on June 1, was launched on June 2 after an emergency security hardening exercise was undertaken following concerns related to the OSM implementation.
"Prior to activation, the system underwent penetration testing, vulnerability assessments and load testing with specialised cybersecurity support. The launch was deferred to ensure that all identified vulnerabilities were addressed and the platform could withstand high traffic volumes," an official said.
The portal was activated at around 4:30 am on June 2 after security validations were completed. According to officials, it recorded nearly 1.5 million access requests within the first two minutes of launch, even as unauthorised access attempts were detected and blocked in real time.
Despite the cyberattacks and heavy traffic load, the platform remained stable, supporting more than 8,000 concurrent users, officials said.
Officials added that no confirmed compromise of student data has been detected so far, although post-event security reviews are continuing.
The controversy surrounding the OSM system escalated after several students alleged missing pages, unchecked answers and discrepancies in scanned copies of answer books made available through the post-result process. The Ministry of Education subsequently initiated a review of the implementation and procurement aspects of the OSM project, including vendor performance, contractual obligations and quality-control mechanisms.
In a parallel move, the government ordered an independent inquiry under S. Radha Chauhan, Chairperson of the Capacity Building Commission, to examine procurement and implementation-related aspects of the project.
As part of the administrative response, Rahul Singh and Himanshu Gupta were transferred, while Prashant Lokhande was appointed as the new CBSE Chairman, and Varun Bhardwaj took charge as the Board's new Secretary.
Officials said technical audits have been initiated with support from Indian Institute of Technology Kanpur and Indian Institute of Technology Madras, and corrective measures have been implemented to address scanning and platform-related deficiencies identified during the review process.
— ANI
Reader Comments
"No confirmed compromise of student data so far" - that's a relief, but the fact that 100,000+ unauthorised access attempts happened within minutes is scary. Indian education boards need seriously upgrade their cybersecurity game, not just patch things after attacks. Better late than never, I suppose! 🙏
Interesting that the portal launch was delayed from June 1 to June 2 for 'security hardening' - and still they got hit the very next day. Whoever planned the attack probably knew the launch schedule. Hope the inquiry by the Capacity Building Commission looks into all angles. 🤨
70,000+ applications for re-evaluation and verification - that's a huge number! Clearly students were not satisfied with the initial results or the scanned copies. The government's decision to transfer Rahul Singh and Himanshu Gupta shows they're serious about accountability. Let's see if the new Chairman Prashant Lokhande can fix things. 👍
While the cyberattack is worrying, the bigger issue is why students' answer books had missing pages and unchecked answers in the first place. That's a breach of trust in the examination system. The technical audit is important, but CBSE also needs to address the fundamental quality control issues. 🇮🇳
Respectful criticism: Why do we always wait for a crisis to take action? The OSM system was rushed into implementation without proper checks. Now we have cybersecurity issues on top of scanning errors. I hope the independent inquiry by Ms. S. Radha Chauhan brings out systemic flaws so this doesn't repeat. Students' future is
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.