Recent steps to prevent Cyber Breaches
- IAS NEXT, Lucknow
- 02, May 2022
Reference News:-
India’s nodal cybersecurity agency, Computer Emergency Response Team (CERT-In) has taken the following steps to prevent Cyber Breaches:
- All service providers, intermediaries, data center providers, corporates, and government organizations have to report cyber incidents within six hours of their detection.
- The new directions require virtual asset, exchange, and custodian wallet providers to maintain records on KYC and financial transactions for a period of five years.
- Companies providing cloud, virtual private network (VPN) will also have to register validated names, emails, and IP addresses of subscribers.
- Service providers will also have to provide information and assistance to CERT-In for any action taken to mitigate the impact of the cyber incident.
- To ensure the chain of events is accurately reflected in the time frame, service providers have been asked to connect and synchronize all their ICT systems clocks to the Network Time Protocol (NTP) Server of the National Informatics Centre (NIC) or National Physical Laboratory (NPL).
Need for:
The directions have been issued under the provisions of sub-section (6) of section 70B of the Information Technology Act, 2000 after CERT-In found certain gaps that were “causing hindrance to incident analysis”.
Significance:
CERT-In said these directions will enhance “overall cybersecurity posture” and guarantee “safe and trusted Internet” in the country.
What is NTP?
NTP is a protocol used for reliably transmitting and receiving accurate time sources over TCP/IP-based networks. It is used for synchronizing the internal clock of computers to a common time source.
Cyber attacks in the country:
Cyberattacks on Indian organizations have more than doubled in recent years. For instance, ransomware attacks on Indian organizations in 2021 increased 218% year-on-year (YoY), reported security firm Palo Alto Networks.
What is CERT-In?
CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.
- The constituency of CERT-In is the Indian Cyber Community.
- CERT-In was established in 2004 as a functional organization of the Ministry of Electronics and Information Technology.
Functions:
The Information Technology (Amendment) Act 2008 designated CERT-In to serve as the national agency to perform the following functions in the area of cyber security:
- Collection, analysis and dissemination of information on cyber incidents.
- Forecast and alerts of cyber security incidents.
- Emergency measures for handling cyber security incidents.
- Coordination of cyber incident response activities.
- Issue guidelines, advisories, vulnerability notes and whitepapers relating to information.
- Security practices, procedures, prevention, response and reporting of cyber incidents.
- Such other functions relating to cyber security as may be prescribed.