Indian Computer Emergency Response Team

The Indian Computer Emergency Response Team (CERT-In or ICERT) is an office within the Ministry of Electronics and Information Technology of the Government of India.[3] It is the nodal agency to deal with cyber security threats like hacking and phishing. It strengthens security-related defence of the Indian Internet domain.

Indian Computer Emergency Response Team (CERT-In)
Agency overview
Formed19 January 2004 (2004-01-19)[1][2]
HeadquartersNew Delhi, India[3]
28°35′11″N 77°14′22″E
MottoHandling Cyber Security Incidents
Agency executive
  • Sanjay Bahl, Director General[4]
Parent departmentMinistry of Electronics and Information Technology
Websitecert-in.org.in

Background

CERT-IN was formed in 2004 by the Government of India under Information Technology Act, 2000 Section (70B) under the Ministry of Communications and Information Technology. CERT-IN has overlapping responsibilities with other agencies such as National Critical Information Infrastructure Protection Centre (NCIIPC) which is under the National Technical Research Organisation (NTRO) that comes under the Prime Minister's Office and the National Disaster Management Authority (NDMA) which is under Ministry of Home Affairs.[5]

Functions

In December 2013, CERT-In reported there was a rise in cyber attacks on Government organisations like banking and finance, oil and gas and emergency services. It issued a list of security guidelines to all critical departments.[6] It liaisons with the Office of National Cyber Security Coordinator, National Security Council and National Information Board in terms of the nation's cyber security and threats. As a nodal entity, India’s Computer Emergency Response Team (CERT-in) plays a crucial role under the Ministry of Electronics and Information Technology(MeitY).

September 2022, CERT-In hosted exercise 'Synergy' in collaboration with Cyber Security Agency, Singapore. It had a participation of 13 countries and was conducted as a part of the International Counter Ransomware Initiative-Resilience Working Group.[7]

Agreements

A memorandum of understanding (MoU) was signed in May 2016 between the Indian Computer Emergency Response Team (CERT-In) and the Ministry of Cabinet Office, UK.

Earlier CERT-In signed MoUs with similar organisations in about seven countries - Korea, Canada, Australia, Malaysia, Singapore, Japan and Uzbekistan.

The Ministry of External Affairs has also signed MoU with Cyber Security as one of the areas of cooperation with Shanghai Cooperation Organisation. With the MoUs, participating countries can exchange technical information on Cyber attacks, respond to cybersecurity incidents and find solutions to counter the cyber attacks. They can also exchange information on prevalent cyber security policies and best practices. The MoUs helps to strengthen the cyber space of signing countries, capacity building and improving the relationship between them.[8]

Incidents and reports

In March 2014, CERT-In reported a critical flaw in Android Jelly Bean's VPN implementation.[9]

In July 2020, CERT-In warned Google Chrome users to immediately upgrade to the new Chrome browser version 84.0.4147.89. Multiple vulnerabilities that could allow access to hackers were reported.[10]

In April 2021, issued a "high severity" rating advisory on the vulnerability detected on WhatsApp and WhatsApp Business for Android prior to v2.21.4.18 and WhatsApp and WhatsApp Business for iOS prior to v2.21.32.[11]

According to the agency, India faced 11.5 million cyberattack incidents in 2021 including corporate attacks, and attacks on critical infrastructure and government agencies.[12]

December 4 2022, CERT-In was called in to investigate the cyber attack on All India Institute of Medical Sciences (AIIMS), Delhi.

References
  1. "techtarget.in". Retrieved 21 October 2013.
  2. "first.org- About CERT-In". Retrieved 23 October 2013.
  3. "meity.gov.in -- CERT-In". Retrieved 21 October 2013.
  4. "Who's who". Ministry of Electronics and Information Technology. Retrieved 31 May 2017.
  5. "India's Cyber Security Policy and Organisation – A Critical Assessment" (PDF).
  6. "As cyber attacks rise, government sounds alert". The Hindu. New Delhi, India. 26 December 2013.
  7. "CERT-In hosts Cyber Security Exercise "Synergy" for 13 countries as part of International Counter Ransomware Initiative- Resilience Working Group". pib.gov.in. Retrieved 23 January 2023.
  8. "Cabinet apprised of MoU between CERT-In India and CERT-UK".
  9. "Android's Jelly Bean, Kit Kat under cyber threat in India: CERT-In". NDTV. New Delhi, India. 2 March 2014.
  10. IANS (21 July 2020). "Update your Google Chrome browser now to avoid hackers, says CERT-In". Business Standard India. Retrieved 16 June 2021.
  11. "WhatsApp Users Warned of Flaw That Could Leak Their Personal Data". NDTV Gadgets 360. Retrieved 16 June 2021.
  12. "US cybersecurity provider SentinelOne opens India office in Bengaluru". The Hindu. 15 June 2022.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.