The Central Board of Secondary Education (CBSE) has acknowledged security vulnerabilities within its OnMark answer-sheet evaluation portal [1, 2].
The admission follows a period of denial regarding the system's stability. Ensuring the security of the OnMark portal is critical to maintaining the integrity of digital examinations and preventing the unauthorized alteration of student marks.
To address the gaps, the CBSE has deployed cybersecurity experts from various government agencies and Indian Institutes of Technology (IITs) [1]. These specialists are tasked with fortifying the portal to prevent potential misuse of the digital assessment infrastructure [1].
The vulnerabilities were brought to light by a 19-year-old [2] cybersecurity researcher. After the researcher reported the flaws, the board shifted its stance from denial to active remediation [2].
As part of its strategy to harden the system, the CBSE is now inviting ethical hackers to identify and report further security flaws [1, 2]. This crowdsourced approach aims to find weaknesses before malicious actors can exploit them, a common practice in modern software security.
The board said it is working to ensure the evaluation process remains transparent and secure [1]. The deployment of IIT experts suggests the board is seeking a high level of technical rigor to resolve the underlying architectural issues of the portal [1].
“CBSE acknowledged security vulnerabilities in its OnMark answer-sheet evaluation portal.”
This incident highlights the tension between the rapid digitalization of public education and the necessity of robust cybersecurity. By pivoting from denial to an open call for ethical hackers, the CBSE is acknowledging that internal government oversight may be insufficient to counter modern cyber threats, necessitating a collaborative 'bug bounty' style approach to protect national examination data.
