Indian Computer Emergency Response Team

Indian Computer Emergency Response Team (CERT-In)
Agency overview
Formed	19 January 2004;20 years ago
Headquarters	New Delhi, India ; 28°35′11″N77°14′22″E / 28.58639°N 77.23944°E
Motto	Handling Cyber Security Incidents
Agency executive	Dr. Sanjay Bahl, Director General;
Parent department	Ministry of Electronics and Information Technology
Website	सर्ट-इन.भारत , www.cert-in.org.in , www.सीएसके.सरकार.भारत , www.csk.gov.in

Last updated November 05, 2024

The Indian Computer Emergency Response Team (CERT-In or ICERT) is an office within the Ministry of Electronics and Information Technology of the Government of India.^[3] It is the nodal agency to deal with cyber security incidents. It strengthens security-related defence of the Indian Internet domain.

Background

CERT-In, an acronym for 'Indian Computer Emergency Response Team', is the National Incident Response Centre for major computer security incidents in its constituency i.e. Indian cyber community. It was formed in 2004 by the Government of India under Information Technology Act, 2000 Section (70B) under the Ministry of Communications and Information Technology. CERT-In is a functional organisation of Ministry of Electronics and Information, Govt. of India, with an objective of securing Indian cyber space.^[5]

CERT-In's primary role is to raise security awareness among Indian cyber community and to provide technical assistance and advise them to help them recover from computer security incidents.^[5] It provides technical advice to System Administrators and users to respond to computer security incidents. It also identifies trends in intruder activity, works with other similar institutions & organisations to resolve major security issues, and disseminates information to the Indian cyber community. It also enlightens its constituents about the security awareness and best practices for various systems; networks by publishing advisories, guidelines and other technical document.

CERT-In's vision is to proactively contribution in securing India's cyber space and building safe and trusted cyber ecosystem for the citizen. Its mission is to enhance the security of India's Communications and Information Infrastructure through proactive action and effective collaboration.

Functions

In December 2013, CERT-In reported there was a rise in cyber attacks on Government organisations like banking and finance, oil and gas and emergency services. It issued a list of security guidelines to all critical departments.^[6] It liaisons with the Office of National Cyber Security Coordinator, National Security Council and National Information Board in terms of the nation's cyber security and threats. As a nodal entity, India's Computer Emergency Response Team (CERT-In) plays a crucial role under the Ministry of Electronics and Information Technology(MeitY).

Indian Computer Emergency Response Team (CERT-In) launched Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) on 21 February 2017 as part of the Government of India's Digital India initiative under MeitY.^[7] Cyber Swachhta Kendra] (CSK) is a citizen centric service provided by CERT-In, which extends the vision of Swachh Bharat to the Cyber Space. CSK aims to secure India's digital IT Infrastructure by creating a dedicated mechanism for providing timely information about Botnet/Malware threats to the victim organization/user and suggesting remedial actions to be taken by the concerned entity. The centre has been established for detection of compromised systems in India and to notify, enable cleaning and securing systems of end users to prevent further malware infections. The centre is working in close coordination and collaboration with Internet Service Providers, Academia and Industry. The centre is providing detection of malicious programs and free tools to remove the same for common users.

In September 2022, CERT-In hosted exercise 'Synergy' in collaboration with Cyber Security Agency, Singapore. It had a participation of 13 countries and was conducted as a part of the International Counter Ransomware Initiative-Resilience Working Group.^[8]

Agreements

A memorandum of understanding (MoU) was signed in May 2016 between the Indian Computer Emergency Response Team (CERT-In) and the Ministry of Cabinet Office, UK.

Earlier CERT-In signed MoUs with similar organisations in about seven countries – Korea, Canada, Australia, Malaysia, Singapore, Japan and Uzbekistan.

The Ministry of External Affairs has also signed MoU with Cyber Security as one of the areas of cooperation with Shanghai Cooperation Organisation. With the MoUs, participating countries can exchange technical information on Cyber attacks, respond to cybersecurity incidents and find solutions to counter the cyber attacks. They can also exchange information on prevalent cyber security policies and best practices. The MoUs helps to strengthen the cyber space of signing countries, capacity building and improving the relationship between them.^[9]

A memorandum of understanding was signed by CERT-In and Mastercard to foster collaboration and information exchange in the field of financial sector cyber security. Both parties will take advantage of their combined knowledge in the areas of advanced malware analysis, cybersecurity incident response, capacity building, and exchanging cyber threat intelligence relevant to the banking sector.^[10]

In March 2014, CERT-In reported a critical flaw in Android Jelly Bean's VPN implementation.^[11]

In July 2020, CERT-In warned Google Chrome users to immediately upgrade to the new Chrome browser version 84.0.4147.89. Multiple vulnerabilities that could allow access to hackers were reported.^[12]

In April 2021, issued a "high severity" rating advisory on the vulnerability detected on WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32.^[13]

According to the agency, India faced 11.5 million cyberattack incidents in 2021 including corporate attacks, and attacks on critical infrastructure and government agencies.^[14]

On 4 December 2022, CERT-In was called in to investigate the cyber attack on All India Institute of Medical Sciences (AIIMS), Delhi.

On 19 July 2024, a computer outage relating to CrowdStrike tools in Microsoft systems was reported. CERT-In categorized the incident as "critical" and the IT minister, Ashwini Vaishnav said that the government is in touch with Microsoft and the issue will be resolved.^[15]^[16]

Guidelines

The CERT-IN issues guidelines on cybersecurity and critical vulnerabilities, from time to time. In April 2022, the CERT-IN issued a set of directions requiring certain cyber security measures to be undertaken by companies,^[17] including the following:

Reporting of cyber incidents within six hours^[18] to CERT-IN (which was limited to high-severity incidents through the FAQs;
Maintenance of ICT logs within the territory of India.^[19] Pursuant to the FAQs, they may be stored outside India, provided the requirement to store such logs outside India is met if logs can be produced as and when solicited by CERT-IN;
Synchronization of system time clocks with Network Time Protocol servers of National Physical Laboratory or National Informatics Centre; and
Additional obligations for VPN and VPS service providers.

Subsequently, the CERT-IN issued certain FAQs^[20] which clarified and relaxed some of the aforesaid requirements.

Related Research Articles

Computer security is the protection of computer software, systems and networks from threats that can lead to unauthorized information disclosure, theft or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe and provides security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages.

The United States Computer Emergency Readiness Team (US-CERT) was a team under the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security.

The Korea Internet & Security Agency is the Ministry of Science and ICT's sub-organization dealing with the allocation and maintenance of South Korea's IPv4/IPv6 address space, Autonomous System Numbers, and the .kr country code top-level domain (ccTLD), and also responsible for the cybersecurity of the Internet within South Korea, and runs the Korea Computer Emergency Response Team Coordination Center, a.k.a. KrCERT/CC, for the private sector of the country. Other roles include but are not limited to, the promotion of safe Internet usage and Internet culture, detecting and analyzing malware/viruses on the web, privacy protection, operating root CA, education on Internet and cybersecurity, and various other cybersecurity issues.

A computer emergency response team (CERT) is an incident response team dedicated to computer security incidents.

Internet police is a generic term for police and government agencies, departments and other organizations in charge of policing the Internet in a number of countries. The major purposes of Internet police, depending on the state, are fighting cybercrime, as well as censorship and propaganda.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.

A cyberattack occurs when there is an unauthorized action against computer infrastructure that compromises the confidentiality, integrity, or availability of its content.

The Ministry of Electronics and Information Technology (MEITy) is an executive agency of the Union Government of the Republic of India. It was carved out of the Ministry of Communications and Information Technology on 19 July 2016 as a standalone ministerial agency responsible for IT policy, strategy and development of the electronics industry. Under the sponsorship of the Ministry of Electronics and Information Technology, the "Northeast Heritage" Web, owned by the Government of India, publishes information on Northeast India, in 5 Indian languages, Assamese, Meitei (Manipuri), Bodo, Khasi and Mizo, in addition to Hindi and English.

Dorkbot is a family of malware worms that spreads through instant messaging, USB drives, websites or social media channels like Facebook. It originated in 2015 and infected systems were variously used to send spam, participate in DDoS attacks, or harvest users' credentials.

The National Cybersecurity and Communications Integration Center (NCCIC) is part of the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security. It acts to coordinate various aspects of the U.S. federal government's cybersecurity and cyberattack mitigation efforts through cooperation with civilian agencies, infrastructure operators, state and local governments, and international partners.

Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.

Cisco Talos, or Cisco Talos Intelligence Group, is a cybersecurity technology and information security company based in Fulton, Maryland. It is a part of Cisco Systems Inc. Talos' threat intelligence powers Cisco Secure products and services, including malware detection and prevention systems. Talos provides Cisco customers and internet users with customizable defensive technologies and techniques through several of their own open-source products, including the Snort intrusion prevention system and ClamAV anti-virus engine.

TR-CERT is an organization within the Information and Communication Technologies Authority (ICTA) which is the national regulatory authority of the Turkish electronic communication sector. It is responsible for the analysis and risk mitigation of large-scale cyber threats and vulnerabilities, communicating information regarding malicious cyber activities or possible vulnerabilities to computer security incident response teams (CSIRT) and the public.

Brunei Computer Emergency Response Team, commonly known as BruCERT, is a computer emergency response team and national cybersecurity organization of Brunei Darussalam. Affiliated with the OIC Computer Emergency Response Team, the Asia Pacific CERT (APCERT), Forum of Incident Response and Security Teams (FIRST) and other international organizations in the information technology sector, it is tasked with preventing, analysing, and maintaining cybersecurity in addition to serving as a national research centre for IT infrastructure in the country.

Azerbaijan Computer Emergency Response Team, officially known as Azerbaijan Government CERT, is a computer emergency response team of the Republic of Azerbaijan responsible for cybersecurity and gathering data concerning information technology. It operates under the Special Communication and Information Security State Service of the government of Azerbaijan. It collects data within its framework from relevant sources, including internet users, computer engineering groups, individuals or organizations and software developers. It coordinates with the foreign countries for gathering and analysing data from cybersecurity incidents involving both software and hardware tools designed for the prevention of internet and computer security.

The Bangladesh e-Government Computer Incident Response Team is the state-run agency of the government of Bangladesh responsible for maintaining cybersecurity in the country. Works under the Ministry of Posts, Telecommunications and Information Technology, it is the national computer emergency response team (CERT) with prim focus on receiving and reviewing, and responding to cybersecurity incidents in the country.

Pakistan Computer Emergency Response Team (PKCERT) is a national initiative aimed at strengthening cyber security in Pakistan. PKCERT was established to counter the growing cyber threats and hacking attempts targeting various public sector entities.

A cyberattack is any unauthorized effort against computer infrastructure that compromises the confidentiality, integrity, or availability of its content.

References

↑ "techtarget.in". Archived from the original on 21 October 2013. Retrieved 21 October 2013.
↑ "first.org- About CERT-In" . Retrieved 23 October 2013.
1 2 "meity.gov.in -- CERT-In" . Retrieved 21 October 2013.
↑ "Who's who". Ministry of Electronics and Information Technology . Retrieved 31 May 2017.
1 2 "Explained | What is CERT-In?". Onmanorama. Retrieved 20 June 2024.
↑ "As cyber attacks rise, government sounds alert". The Hindu. New Delhi, India. 26 December 2013.
↑ "Ministry of Electronics and Information Technology (MeitY) launches Cyber Swachhta Kendra - Botnet Cleaning and Malware Analysis Centre". Press Information Bureau. 22 February 2017.
↑ "CERT-In hosts Cyber Security Exercise "Synergy" for 13 countries as part of International Counter Ransomware Initiative- Resilience Working Group". pib.gov.in. Retrieved 23 January 2023.
↑ "Cabinet apprised of MoU between CERT-In India and CERT-UK". Business Standard. 13 October 2016. Retrieved 20 June 2024.
↑ "Mastercard and CERT-In join hands to strengthen cybersecurity for financial sector". The Times of India. 20 June 2024. ISSN 0971-8257 . Retrieved 20 June 2024.
↑ "Android's Jelly Bean, Kit Kat under cyber threat in India: CERT-In". NDTV. New Delhi, India. 2 March 2014.
↑ IANS (21 July 2020). "Update your Google Chrome browser now to avoid hackers, says CERT-In". Business Standard India. Retrieved 16 June 2021.
↑ "WhatsApp Users Warned of Flaw That Could Leak Their Personal Data". NDTV Gadgets 360. 19 April 2021. Retrieved 16 June 2021.
↑ "US cybersecurity provider SentinelOne opens India office in Bengaluru". The Hindu . 15 June 2022.
↑ "Massive Worldwide Microsoft Outage: Flights, Markets, Stock Exchange Down". NDTV.com. Retrieved 19 July 2024.
↑ Bureau (19 July 2024). "Microsoft Global Outage LIVE: Microsoft's Windows outage impacts airlines, financial institutions and broadcasters on a global scale". The Hindu. ISSN 0971-751X . Retrieved 19 July 2024.{{cite news}}: |last= has generic name (help)
↑ "CERT-In issues directions relating to information security practices, procedure, prevention, response and reporting of cyber incidents for Safe & Trusted Internet". pib.gov.in. Retrieved 7 June 2024.
↑ Sameer Avasarala, Prashant Phillips. "Analyzing the new CERT-IN Directions: Wider gamut than breach reporting". lakshmisri.com. Retrieved 7 June 2024.
↑ Sengupta, Arun Prabhu, Arpita (24 May 2022). "The Cert-In Cyber Security Directions: More Questions Than Answers?". India Corporate Law. Retrieved 7 June 2024.{{cite web}}: CS1 maint: multiple names: authors list (link)
↑ "Indian Computer Emergency Response Team (CERT-In) releases FAQs to address queries on Cyber Security Directions of 28.04.2022". pib.gov.in. Retrieved 7 June 2024.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[tt.in-1] "techtarget.in". Archived from the original on 21 October 2013. Retrieved 21 October 2013.

[fir-2] "first.org- About CERT-In" . Retrieved 23 October 2013.

[meity_--_icert-3] 1 2 "meity.gov.in -- CERT-In" . Retrieved 21 October 2013.

[4] "Who's who". Ministry of Electronics and Information Technology . Retrieved 31 May 2017.

[:0-5] 1 2 "Explained | What is CERT-In?". Onmanorama. Retrieved 20 June 2024.

[6] "As cyber attacks rise, government sounds alert". The Hindu. New Delhi, India. 26 December 2013.

[7] "Ministry of Electronics and Information Technology (MeitY) launches Cyber Swachhta Kendra - Botnet Cleaning and Malware Analysis Centre". Press Information Bureau. 22 February 2017.

[8] "CERT-In hosts Cyber Security Exercise "Synergy" for 13 countries as part of International Counter Ransomware Initiative- Resilience Working Group". pib.gov.in. Retrieved 23 January 2023.

[9] "Cabinet apprised of MoU between CERT-In India and CERT-UK". Business Standard. 13 October 2016. Retrieved 20 June 2024.

[10] "Mastercard and CERT-In join hands to strengthen cybersecurity for financial sector". The Times of India. 20 June 2024. ISSN 0971-8257 . Retrieved 20 June 2024.

[11] "Android's Jelly Bean, Kit Kat under cyber threat in India: CERT-In". NDTV. New Delhi, India. 2 March 2014.

[12] IANS (21 July 2020). "Update your Google Chrome browser now to avoid hackers, says CERT-In". Business Standard India. Retrieved 16 June 2021.

[13] "WhatsApp Users Warned of Flaw That Could Leak Their Personal Data". NDTV Gadgets 360. 19 April 2021. Retrieved 16 June 2021.

[14] "US cybersecurity provider SentinelOne opens India office in Bengaluru". The Hindu . 15 June 2022.

[15] "Massive Worldwide Microsoft Outage: Flights, Markets, Stock Exchange Down". NDTV.com. Retrieved 19 July 2024.

[16] Bureau (19 July 2024). "Microsoft Global Outage LIVE: Microsoft's Windows outage impacts airlines, financial institutions and broadcasters on a global scale". The Hindu. ISSN 0971-751X . Retrieved 19 July 2024.{{cite news}}: |last= has generic name (help)

[17] "CERT-In issues directions relating to information security practices, procedure, prevention, response and reporting of cyber incidents for Safe & Trusted Internet". pib.gov.in. Retrieved 7 June 2024.

[18] Sameer Avasarala, Prashant Phillips. "Analyzing the new CERT-IN Directions: Wider gamut than breach reporting". lakshmisri.com. Retrieved 7 June 2024.

[19] Sengupta, Arun Prabhu, Arpita (24 May 2022). "The Cert-In Cyber Security Directions: More Questions Than Answers?". India Corporate Law. Retrieved 7 June 2024.{{cite web}}: CS1 maint: multiple names: authors list (link)

[20] "Indian Computer Emergency Response Team (CERT-In) releases FAQs to address queries on Cyber Security Directions of 28.04.2022". pib.gov.in. Retrieved 7 June 2024.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

Authority control databases
International	VIAF
National	United States Israel

Agency overview

Formed	19 January 2004;20 years ago (2004-01-19)^[1]^[2]
Headquarters	New Delhi, India ^[3] 28°35′11″N77°14′22″E / 28.58639°N 77.23944°E / 28.58639; 77.23944
Motto	Handling Cyber Security Incidents
Agency executive	Dr. Sanjay Bahl, Director General^[4]
Parent department	Ministry of Electronics and Information Technology
Website	सर्ट-इन.भारत , www.cert-in.org.in , www.सीएसके.सरकार.भारत , www.csk.gov.in