35% of cyber attacks on Indian sites from China: official report

A report sent to the National Security Council Secretariat (NSCS) and other security agencies by a department under the Ministry of Electronics and Information Technology has said that the maximum number of cyber attacks on official Indian websites is from China, US, and Russia. It has also flagged the possibility of “malicious actors from Pakistan using German and Canadian cyberspace for intruding into Indian cyberspace and carrying out malicious activities”.

The report, prepared by the Indian Computer Emergency Response Team (CERT-In), which comes under the ministry, analyzed cyber attacks from April-June 2018. CERT-In is the nodal agency which deals with cybersecurity threats like hacking and phishing. It collects analyses and disseminates information on “cyber incidents”, and also issues alerts on “cyber security incidents”.

According to the report, it has been observed that China continues to “intrude” Indian cyberspace in a “significant” way. “The cyber attacks from China made up 35% of the total number of cyber attacks on official Indian websites, followed by US (17%), Russia (15%), Pakistan (9%), Canada (7%) and Germany (5%),” it says.

Many of the institutions impacted by the malicious activities have been identified, and they have been advised to take appropriate preventive action. These include Oil and Natural Gas Corporation (ONGC), National Informatics Centre (NIC), Indian Railway Catering and Tourism Corporation (IRCTC), Railways, Centre for Railway Information Systems (CRIS) and some banks like Punjab National Bank, Oriental Bank of Commerce, State Bank of India and state data centres, particularly in Maharashtra, Madhya Pradesh and Karnataka,” it says.

National level Orientation workshop for celebrating the month of September as Rashtriya Poshan Maah (National Nutrition Month) held in New Delhi, today.

Please follow and like us:

Centre plans stronger defences for key data

Worried about sensitive information making its way into the Internet, the Home Ministry is upgrading policy to secure government data and control access to it.

A senior Ministry official said that earlier the files were locked in a cupboard and accountability could be fixed, but with the advent of Digital India, a number of issues were in a grey area.

Home Minister Rajnath Singh, who recently presided over a meeting to review the evolving cyber threats, directed that the National Information Security Policy and Guidelines (NISPG) be upgraded and updated for the government sector.

In 2013, cybersecurity, which was the sole preserve of the Home Ministry, was moved to the National Security Council Secretariat (NSCS) under the Prime Minister’s Office. The critical infrastructure was moved to the National Technical Research Organization and the non-critical part to the Ministry of Electronics and Information Technology.

An official said the new policy would cover issues pertaining to the Official Secrets Act.

Please follow and like us:

Government Appoints Committee To Study Data Protection Framework for India

The government has appointed an expert committee, headed by former Supreme Court judge B N Srikrishna, to “identify key data protection issues” in India and recommend methods to address any potential problems.

The ten-member committee – which includes representatives from the department of telecommunications (DoT), the IT ministry, the Unique Identification Authority of India (UIDAI) and the academic community – will not only study the various issues around data protection in India but will also draft a data protection bill that will be taken up for consideration by the Centre.

According to sources, while the committee will be headed by former justice Srikrishna, the ministry of electronics and information technology (Meity) will likely be a driving force. The ministry, which issued the circular, will provide the committee with necessary information in order for it to start its deliberation efforts.

In addition to Srikrishna, members of the committee include DoT secretary Aruna Sundararajan, UIDAI head Ajay Bhushan Pandey, national cyber security coordinator Gulshan Rai, MeitY additional secretary Ajay Kumar, IIT Raipur director Prof Rajat Moona, IIM Indore director Rishikesha T Krishnan, DSCI’s Rama Vedasree and Vidhi Centre for Legal Policy Arghya Sengupta.

Breaches, privacy violations

The government’s decision to focus on data protection comes on the back of a wave of privacy and data breaches in India – from corporates such as Reliance Jio, McDonalds and Zomato to government agencies that have leaked the Aadhaar and personal data of over 100 million Indian citizens.

The IT ministry, according to sources, has over the last six months already started working towards putting together data protection legislation.
It has been assisted in this goal by the Vidhi Centre for Legal Policy – a legal think-tank that has assumed a certain amount of prominence amongst bureaucratic and civil society circles after having helped draft the Aadhaar Act of 2016 and the recent Bankruptcy Code.

Please follow and like us: