There is no question that Goa government websites are currently facing serious vulnerabilities. Over 70% of Goa’s 62 departmental government websites remain critically vulnerable to cyberattacks. Key portals, including those of the Goa Police, Goa University, and the Directorate of Accounts, lack basic security protocols such as SSL (Secure Socket Layer) certification, which is essential for encrypting data and securing user interactions. Compounding the issue, 45 websites have not had their mandatory security audits renewed in over 10 months, while 17 others are stuck in prolonged renewal processes exceeding a year.
Recent cyber incidents underscore the severity of the threat. Not long ago—just last week—the Department of Women and Child Development’s website was hacked and filled with casino advertisements, echoing past breaches of the Electricity Department and the Commercial Taxes site. Despite repeated assurances from officials, formal police complaints are often not filed, and fundamental flaws like expired audits and missing SSL certificates remain unaddressed. This inaction leaves sensitive government data—and citizen information—exposed to exploitation.
In response, the Department of Information Technology has issued a statewide directive for immediate security audits and designated Goa Electronics Limited (GEL) as the coordinating agency. However, many departments claim they have yet to receive clear instructions or technical support. Cybersecurity experts warn that unless urgent steps are taken to enforce basic protections and streamline coordination, Goa’s digital infrastructure could become a soft target in broader cyber warfare—with potentially disastrous consequences for public trust and data security.