Indian Computer Emergency Response Team

Last updated

Indian Computer Emergency Response Team (CERT-In)
CERT-In 2023.png
Agency overview
Formed19 January 2004;20 years ago (2004-01-19) [1] [2]
Headquarters New Delhi, India [3]
28°35′11″N77°14′22″E / 28.58639°N 77.23944°E / 28.58639; 77.23944
MottoHandling Cyber Security Incidents
Agency executive
  • Dr. Sanjay Bahl, Director General [4]
Parent department Ministry of Electronics and Information Technology
Website सर्ट-इन.भारत , www.cert-in.org.in , www.सीएसके.सरकार.भारत , www.csk.gov.in

The Indian Computer Emergency Response Team (CERT-In or ICERT) is an office within the Ministry of Electronics and Information Technology of the Government of India. [3] It is the nodal agency to deal with cyber security incidents. It strengthens security-related defence of the Indian Internet domain.

Contents

Background

CERT-In was formed in 2004 by the Government of India under Information Technology Act, 2000 Section (70B) under the Ministry of Communications and Information Technology. CERT-In is a functional organisation of Ministry of Electronics and Information, Govt. of India, with an objective of securing Indian cyber space.

CERT-In is an acronym for 'Indian Computer Emergency Response Team'.

CERT-In is the National Incident Response Centre for major computer security incidents in its constituency i.e. Indian cyber community.

CERT-In's primary role is to raise security awareness among Indian cyber community and to provide technical assistance and advise them to help them recover from computer security incidents.

CERT-In provides technical advice to System Administrators and users to respond to computer security incidents. It also identifies trends in intruder activity, works with other similar institutions & organisations to resolve major security issues, and disseminates information to the Indian cyber community.

CERT-In also enlightens its constituents about the security awareness and best practices for various systems; networks by publishing advisories, guidelines and other technical document

CERT-In's vision is to proactively contribution in securing India's cyber space and building safe and trusted cyber ecosystem for the citizen. Its mission is to enhance the security of India's Communications and Information Infrastructure through proactive action and effective collaboration.

Objectives

Functions

In December 2013, CERT-In reported there was a rise in cyber attacks on Government organisations like banking and finance, oil and gas and emergency services. It issued a list of security guidelines to all critical departments. [5] It liaisons with the Office of National Cyber Security Coordinator, National Security Council and National Information Board in terms of the nation's cyber security and threats. As a nodal entity, India’s Computer Emergency Response Team (CERT-In) plays a crucial role under the Ministry of Electronics and Information Technology(MeitY).

Indian Computer Emergency Response Team (CERT-In) launched "Cyber Swachhta Kendra" / "साइबर स्वच्छता केन्द्र" (Botnet Cleaning and Malware Analysis Centre) on 21 February 2017 as part of the Government of India’s Digital India initiative under MeitY. Cyber Swachhta Kendra (CSK) is a citizen centric service provided by CERT-In, which extends the vision of Swachh Bharat to the Cyber Space. CSK aims to secure India’s digital IT Infrastructure by creating a dedicated mechanism for providing timely information about Botnet/Malware threats to the victim organization/user and suggesting remedial actions to be taken by the concerned entity. The Centre has been established for detection of compromised systems in India and to notify, enable cleaning and securing systems of end users to prevent further malware infections. The centre is working in close coordination and collaboration with Internet Service Providers, Academia and Industry. The centre is providing detection of malicious programs and free tools to remove the same for common users. Website : ( www.सीएसके.सरकार.भारत , www.csk.gov.in )

September 2022, CERT-In hosted exercise 'Synergy' in collaboration with Cyber Security Agency, Singapore. It had a participation of 13 countries and was conducted as a part of the International Counter Ransomware Initiative-Resilience Working Group. [6]

Agreements

A memorandum of understanding (MoU) was signed in May 2016 between the Indian Computer Emergency Response Team (CERT-In) and the Ministry of Cabinet Office, UK.

Earlier CERT-In signed MoUs with similar organisations in about seven countries - Korea, Canada, Australia, Malaysia, Singapore, Japan and Uzbekistan.

The Ministry of External Affairs has also signed MoU with Cyber Security as one of the areas of cooperation with Shanghai Cooperation Organisation. With the MoUs, participating countries can exchange technical information on Cyber attacks, respond to cybersecurity incidents and find solutions to counter the cyber attacks. They can also exchange information on prevalent cyber security policies and best practices. The MoUs helps to strengthen the cyber space of signing countries, capacity building and improving the relationship between them. [7]

Incidents and reports

In March 2014, CERT-In reported a critical flaw in Android Jelly Bean's VPN implementation. [8]

In July 2020, CERT-In warned Google Chrome users to immediately upgrade to the new Chrome browser version 84.0.4147.89. Multiple vulnerabilities that could allow access to hackers were reported. [9]

In April 2021, issued a "high severity" rating advisory on the vulnerability detected on WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32. [10]

According to the agency, India faced 11.5 million cyberattack incidents in 2021 including corporate attacks, and attacks on critical infrastructure and government agencies. [11]

December 4 2022, CERT-In was called in to investigate the cyber attack on All India Institute of Medical Sciences (AIIMS), Delhi.

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

<span class="mw-page-title-main">ESET</span> Slovak internet security company

ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe and provide security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages.

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications' (CS&C) National Cybersecurity and Communications Integration Center (NCCIC).

A computer emergency response team (CERT) is an expert group that handles computer security incidents. Alternative names for such groups include cyber emergency response team, computer emergency readiness team, and computer security incident response team (CSIRT). A more modern representation of the CSIRT acronym is Cyber Security Incident Response Team.

<span class="mw-page-title-main">Internet police</span> Term describing governmental and official involvement in cyber policing

Internet police is a generic term for police and government agencies, departments and other organizations in charge of policing the Internet in a number of countries. The major purposes of Internet police, depending on the state, are fighting cybercrime, as well as censorship and propaganda.

<span class="mw-page-title-main">Malwarebytes</span> Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.

<span class="mw-page-title-main">Macau Computer Emergency Response Team Coordination Centre</span>

Macau Computer Emergency Response Team Coordination Centre (MOCERT) is managed by Macau New Technologies Incubator Centre in providing Macau with computer security incident handling information, promoting information security awareness, as well as coordinating computer security incident response for the public and local enterprises.

A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack.

Indicator of compromise (IoC) in computer forensics is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.

<span class="mw-page-title-main">Ministry of Electronics and Information Technology</span> Government agency in India

The Ministry of Electronics and Information Technology (MEITy) is an executive agency of the Union Government of the Republic of India. It was carved out of the Ministry of Communications and Information Technology on 19 July 2016 as a standalone ministerial agency responsible for IT policy, strategy and development of the electronics industry. Under the sponsorship of the Ministry of Electronics and Information Technology, the "Northeast Heritage" Web, owned by the Government of India, publishes information on Northeast India, in 5 Indian languages, Assamese, Meitei (Manipuri), Bodo, Khasi and Mizo, in addition to Hindi and English.

The following outline is provided as an overview of and topical guide to computer security:

Dorkbot is a family of malware worms that spreads through instant messaging, USB drives, websites or social media channels like Facebook. It originated in 2015 and infected systems were variously used to send spam, participate in DDoS attacks, or harvest users' credentials.

Mirai is malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers. The Mirai botnet was first found in August 2016 by MalwareMustDie, a white hat malware research group, and has been used in some of the largest and most disruptive distributed denial of service (DDoS) attacks, including an attack on 20 September 2016 on computer security journalist Brian Krebs' website, an attack on French web host OVH, and the October 2016 Dyn cyberattack. According to a chat log between Anna-senpai and Robert Coelho, Mirai was named after the 2011 TV anime series Mirai Nikki.

National Critical Information Infrastructure Protection Centre (NCIIPC) is an organisation of the Government of India created under Section 70A of the Information Technology Act, 2000 (amended 2008), through a gazette notification on 16 January 2014. Based in New Delhi, India, it is designated as the National Nodal Agency in terms of Critical Information Infrastructure Protection. It is a unit of the National Technical Research Organisation (NTRO) and therefore comes under the Prime Minister's Office (PMO).

Marcus Hutchins, also known online as MalwareTech, is a British computer security researcher known for stopping the WannaCry ransomware attack. He is employed by cybersecurity firm Kryptos Logic. Hutchins is from Ilfracombe in Devon.

<span class="mw-page-title-main">TR-CERT</span>

TR-CERT is an organization within the Information and Communication Technologies Authority (ICTA) which is the national regulatory authority of the Turkish electronic communication sector. It is responsible for the analysis and risk mitigation of large-scale cyber threats and vulnerabilities, communicating information regarding malicious cyber activities or possible vulnerabilities to computer security incident response teams (CSIRT) and the public.

<span class="mw-page-title-main">Bangladesh e-Government Computer Incident Response Team</span> National cybersecurity agency of Bangladesh

The Bangladesh e-Government Computer Incident Response Team is the state-run agency of the government of Bangladesh responsible for maintaining cybersecurity in the country. Works under the Ministry of Posts, Telecommunications and Information Technology, it is the national computer emergency response team (CERT) with prim focus on receiving and reviewing, and responding to cybersecurity incidents in the country.

Pakistan Computer Emergency Response Team (PkCERT) is a national initiative aimed at strengthening cyber security in Pakistan. PkCERT was established to counter the growing cyber threats and hacking attempts targeting various public sector entities.

References

  1. "techtarget.in" . Retrieved 21 October 2013.
  2. "first.org- About CERT-In" . Retrieved 23 October 2013.
  3. 1 2 "meity.gov.in -- CERT-In" . Retrieved 21 October 2013.
  4. "Who's who". Ministry of Electronics and Information Technology . Retrieved 31 May 2017.
  5. "As cyber attacks rise, government sounds alert". The Hindu. New Delhi, India. 26 December 2013.
  6. "CERT-In hosts Cyber Security Exercise "Synergy" for 13 countries as part of International Counter Ransomware Initiative- Resilience Working Group". pib.gov.in. Retrieved 23 January 2023.
  7. "Cabinet apprised of MoU between CERT-In India and CERT-UK".
  8. "Android's Jelly Bean, Kit Kat under cyber threat in India: CERT-In". NDTV. New Delhi, India. 2 March 2014.
  9. IANS (21 July 2020). "Update your Google Chrome browser now to avoid hackers, says CERT-In". Business Standard India. Retrieved 16 June 2021.
  10. "WhatsApp Users Warned of Flaw That Could Leak Their Personal Data". NDTV Gadgets 360. Retrieved 16 June 2021.
  11. "US cybersecurity provider SentinelOne opens India office in Bengaluru". The Hindu . 15 June 2022.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.